Releases: MrGuato/AWS-Cloud-Challenge
Release v1.2
I am thrilled to announce the release of version 1.2 of the MrGuato AWS-Cloud-Challenge project. This release marks a major step forward in showcasing full-stack cloud capabilities by integrating a second live, serverless API into my personal resume website.
🆕 New Features
Star Wars Fact API (Serverless Lambda)
A brand new API built with AWS Lambda and API Gateway now powers a fun interactive feature on cloud.mrcyberleon.org. Visitors can fetch random Star Wars x Cybersecurity facts in real-time — a great example of serverless architecture in action.
API CI/CD via GitHub Actions
The backend Lambda function is deployed automatically via GitHub Actions, using the Serverless Framework and secure environment secrets. This ensures seamless updates and continuous integration with proper permission management.
✨ Enhancements
JavaScript Integration
The frontend now includes dynamic JavaScript that consumes the new API and updates the UI without refreshing the page.
Custom CORS Configuration
The Lambda/API Gateway function was updated with secure CORS headers scoped specifically to the domain cloud.mrcyberleon.org, improving both security and frontend interoperability.
Deployment Bucket via GitHub Secret
To ensure infrastructure clarity and security, the deployment bucket used by Serverless is now abstracted and injected through GitHub Secrets, avoiding hardcoded values.
🛠️ Troubleshooting Resolved
Fixed CORS issues preventing frontend API access.
Resolved 502 Bad Gateway errors by verifying Lambda response structure and dependency handling.
Addressed IAM permission issues for ssm:PutParameter, ultimately simplifying by switching to a custom deployment bucket.
Thank you to everyone who continues to support and follow the progress of this project. This release reflects practical, hands-on DevSecOps work — from infrastructure to automation to frontend integration.
Stay tuned for v1.3 — more interactivity, more APIs, and more cloud tech on the way.
Cheers!
MrCyberLeon
v1.1
Release v1.1 - MrGuato AWS-Cloud-Challenge
I am excited to announce the release of version 1.1 of MrGuato AWS-Cloud-Challenge! This update includes significant enhancements and crucial security fixes. Here are the key changes:
🛡️ Security Fixes
- Addressed Vulnerability: I have fixed the issue identified in the advisory @ GHSA-483p-rqgg-87rf by pinning the
jakejarvis/s3-sync-action@v0.5.1to a specific commit SHA. This ensures greater stability and security in the workflows.
✨ Enhancements
- Updated CSS: The visual design and responsiveness have been improved for a better user experience.
- Updated Index: The layout and structure of the index have been enhanced for a more intuitive interface.
🆕 New Features
- Added a Security Policy: A new security policy has been implemented for reporting vulnerabilities. This includes clear guidelines and procedures for responsible disclosure.
- Uptime Robot Integration: I have added Uptime Robot to check the uptime via API, ensuring continuous availability of my services.
- CodeQL for Security Checking: Implemented CodeQL for enhanced security checking, ensuring code quality and security.
- Snyk Security Integration: Added Snyk Security for monitoring Infrastructure as Code (IaC), code, and repository security.
Thank you for your continuous support and contributions to the MrGuato AWS-Cloud-Challenge project!
Happy coding! 🚀
Cheers! ☕