Nexu — AWS DevOps & Infra
Nexu is an AWS-native infrastructure project demonstrating Terraform automation, secure VPC architecture, Amazon EKS provisioning, AWS ECR workflows, and a serverless alerting pipeline. It focuses on clean DevOps foundations without deploying app-level workloads.
Screenshots of all the AWS services implemented in this project.
ARCHITECTURE OVERVIEW
Infrastructure Layout
All resources are provisioned using Terraform with a secure remote backend (S3 state, DynamoDB locking, KMS encryption). The environment includes a production-grade VPC distributed across multiple Availability Zones with public and private subnets.
Amazon EKS is deployed with a Managed Node Group and a Fargate profile, ensuring compatibility with both serverless and node-based workloads.
Service Inventory
Compute: EKS, Fargate
Containers: ECR
Storage: S3 (static site)
Networking: VPC, Subnets, IGW, NAT
Security: IAM, KMS, IRSA (IAM Roles for Service Accounts via OIDC)
Automation: Lambda, SNS, API Gateway
Delivery (Terraform-based): VPC, EKS, ECR, Alerting Pipeline
CI/CD PIPELINE (DEFINED)
A fully AWS-native CI/CD pipeline has been implemented in Terraform using CodePipeline, CodeBuild (build), and CodeBuild (deploy). This pipeline builds Docker images, pushes them to ECR, and applies updated Kubernetes manifests to the EKS cluster.
Note: At the time of development, AWS CodeStar Connections was not available in the ap-south-1 (Mumbai) region. This prevents the pipeline from connecting to SourceHut/GitHub, so the CI/CD cannot be executed here. However, all Terraform code is included and ready to use in regions where CodeStar Connections is supported.
SERVERLESS ALERT PIPELINE
Alerting Architecture
Nexu includes a fully functional AWS alerting pipeline built on API Gateway, Lambda, and SNS.
Any system can trigger alerts by sending an HTTP POST request to the API Gateway endpoint. Lambda processes the payload and publishes it to an SNS topic, allowing notifications to be delivered to email, Slack (via Chatbot), or other integrations.
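Since any system can POST to the endpoint, the Lambda should treat the payload as untrusted before it reaches SNS. The handler below is an added sketch, not Nexu's own code: it assumes a proxy-style API Gateway event, and the payload fields (severity, title, detail), the size cap and the ALERT_TOPIC_ARN variable name are all assumptions.

```python
import base64
import json
import os

MAX_BODY_BYTES = 8192                           # assumed cap on alert size
SEVERITIES = {"info", "warning", "critical"}    # assumed alert schema

def _reply(status, message):
    return {"statusCode": status, "body": json.dumps({"message": message})}

def parse_alert(event):
    """Validate the proxy event body; return (alert, error)."""
    body = event.get("body") or ""
    if not isinstance(body, str):
        return None, "body must be a string"
    if event.get("isBase64Encoded"):
        try:
            body = base64.b64decode(body, validate=True).decode("utf-8")
        except ValueError:  # covers bad base64 and bad UTF-8
            return None, "body is not valid base64/UTF-8"
    if len(body.encode("utf-8")) > MAX_BODY_BYTES:
        return None, "body too large"
    try:
        data = json.loads(body)
    except ValueError:
        return None, "body is not valid JSON"
    if not isinstance(data, dict):
        return None, "body must be a JSON object"
    severity, title = data.get("severity"), data.get("title")
    if not isinstance(severity, str) or severity not in SEVERITIES:
        return None, "unknown severity"
    if not isinstance(title, str) or not title.strip():
        return None, "title is required"
    detail = str(data.get("detail", ""))[:2000]  # bound free text
    return {"severity": severity, "title": title.strip(), "detail": detail}, None

def sns_subject(alert):
    # SNS rejects subjects with line breaks or control characters and
    # requires fewer than 100 characters; printable ASCII only is a
    # conservative choice made here.
    raw = f"[{alert['severity'].upper()}] {alert['title']}"
    return "".join(c if 32 <= ord(c) < 127 else "?" for c in raw)[:99]

def handler(event, context, publish=None):
    alert, error = parse_alert(event)
    if error:
        return _reply(400, error)
    if publish is None:  # real Lambda path; tests inject a stub instead
        import boto3
        publish = boto3.client("sns").publish
    publish(TopicArn=os.environ["ALERT_TOPIC_ARN"],
            Subject=sns_subject(alert), Message=json.dumps(alert))
    return _reply(202, "alert accepted")
```

Rejected requests never reach SNS, so subscribers on email or Slack only receive alerts that match the schema.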








