AWS Resume-as-Code Architecture

AWS cloud

Browser

user

HTTPS

Route 53

DNS

resolves

CloudFront

CDN + cache

forwards

ACM

SSL · us-east-1

via OAC

OAC

origin access control

private

S3 bucket

private · static files

networking / DNS

delivery / CDN

security / certs

storage

Terraform IaC

Security: S3 bucket has no public endpoint. All access is routed through CloudFront via OAC — eliminating the risk of accidental data exposure via direct S3 URLs. ACM certificate is provisioned in us-east-1 (required by CloudFront). Least-privilege IAM policies enforced throughout.

Resume-as-Code architecture