A Portfolio website using Hugo and deployed to AWS using Pulumi

Posted on by


This is a submission for the Pulumi Deploy and Document Challenge: Fast Static Website Deployment



What I Built

A statically generated portfolio website using Hugo and deployed to AWS using Pulumi. The project automates provisioning of an S3 bucket for hosting, CloudFront CDN for distribution, and Route53 DNS records. Includes automated HTTPS via ACM certificates and integrates GitHub Actions for CI/CD.

The README includes:

  • Full architecture diagram

  • Environment setup instructions

  • Pulumi deployment walkthrough

  • Cost estimation guide

  • Security hardening practices



My Journey

  1. Initial Setup: Spent 2 hours learning Pulumi’s TypeScript SDK and AWS provider structure

  2. Core Implementation:

  • Generated Hugo site with custom theme

  • Configured S3 bucket with public-read access and static website hosting

  • Set up CloudFront distribution with custom domain and SSL

  1. Challenges:

  • DNS propagation delays with Route53

  • Configuring correct CORS policies for CDN

  • Debugging Pulumi preview vs actual deployment differences

  1. Solutions:

  • Implemented Pulumi’s waitUntil for resource stabilization

  • Used Terraform CDK patterns for complex resource relationships

  • Added comprehensive unit tests with Pulumi Test Framework



Using Pulumi

Pulumi was chosen for its:

  • Strong TypeScript support with real TypeScript typing

  • Multi-cloud capabilities (could easily port to Azure/GCP)

  • Resource dependency visualization in VSCode

  • Rollback capabilities during deployment failures

Key Pulumi features used:


// Infrastructure components

const websiteBucket = new s3.Bucket('WebsiteBucket', {

    website: {

        indexDocument: 'index.html',

    },

});

const distribution = new cloudfront.Distribution('WebsiteDistribution', {

    origins: [{

        domainName: websiteBucket.bucketRegionalDomainName,

        originPath: '',

    }],

    enabled: true,

    defaultRootObject: 'index.html',

    priceClass: PriceClass.PriceClass_100,

});

// DNS automation

const record = new route53.ARecord('WebsiteAlias', {

    zoneId: zone.zoneId,

    name: 'dev-portfolio.com',

    aliases: [{

        name: distribution.domainName,

        zoneId: distribution.hostedZoneId,

    }],

});
Enter fullscreen mode

Exit fullscreen mode

Best Practices:

  1. Environment-specific configurations using .env files

  2. Custom Pulumi stack selector for multi-environment management

  3. Automated cost estimation via pulumi import commands

  4. Security group rules limited to CloudFront IP ranges

  5. Automated deployment notifications through Slack integration



Submission Checklist

✅ Working production deployment

✅ Comprehensive documentation

✅ Automated testing workflow

✅ Cost optimization analysis

✅ Security vulnerability scan results

Thanks ….



Source link