Project Deep Dive

DocVault

DocVault is a serverless document management system built to explore secure access, cloud-native architecture, and infrastructure automation using AWS and Terraform.

Overview

The goal of DocVault was not just to store files, but to understand how authentication, authorization, backend logic, and cloud services work together in a real-world system. The project uses a fully serverless architecture and is deployed automatically using a GitLab CI/CD pipeline backed by Terraform.

Architecture & Technology Choices

  • • Frontend hosted as a static website on Amazon S3
  • • Backend implemented using AWS Lambda with Node.js
  • • API layer exposed via AWS API Gateway
  • • Documents stored securely in Amazon S3 using presigned URLs
  • • User data and metadata stored in DynamoDB
  • • JWT-based authentication for secure access control

Presigned URLs were used to allow secure uploads and downloads directly to S3 without exposing credentials or routing file data through the backend.

Project Structure

frontend/
  └── public/
      ├── index.html
      ├── register.html
      ├── dashboard.html
      └── style.css

lambda/
  ├── index.js
  └── package.json

terraform/
  ├── main.tf
  ├── variables.tf
  ├── outputs.tf
  └── backend.tf

.gitlab-ci.yml

Infrastructure as Code & CI/CD

Infrastructure provisioning and deployment are fully automated using Terraform and GitLab CI/CD. All AWS resources are defined declaratively, and environment-specific values are injected using CI/CD variables.

  • • Terraform manages S3, Lambda, API Gateway, and DynamoDB
  • • Remote Terraform state stored in S3 with DynamoDB locking
  • • GitLab CI/CD pipeline handles build, validate, plan, and apply stages
  • • Frontend deployment automated during the apply stage

Key Learnings

  • • How authentication and authorization affect system design
  • • Secure file handling using presigned URLs
  • • Managing cloud infrastructure using Terraform
  • • CI/CD-driven infrastructure deployment workflows
  • • Trade-offs of serverless architectures

Future Improvements

  • • Password recovery via email or OTP
  • • Multi-user document sharing
  • • Improved file previews
  • • Expanded CI/CD testing stages
GitHub Repository →← Back to Projects