Work performed
What was actually built
A simple record of implementation work, not a product pitch.
Topology
Regional segmentation with cross-region transit planning
Click a segment to review its purpose, CIDR plan, route intent, and security notes. The diagram now separates a primary region from a standby/replication region so future DR or replication requirements can be discussed without assuming a flat network.
Traffic intent
Allowed, blocked, inspected, and planned paths
The goal is to document why a route should exist, not only whether it exists.
| Source | Destination | Status | Control | Reason |
|---|
Validation
Current findings
These findings are written as the checks I want the lab to prove: intended paths should work, restricted paths should fail, and internet-bound paths should follow the inspection model.
Example operator workflow
make local
make package
cd terraform/hosting
terraform init
terraform plan
# optional AWS lab is separate
cd ../lab
terraform init
terraform plan -var="deploy_lab=false"
# after hosting outputs are known
export SITE_BUCKET=<bucket>
export CLOUDFRONT_DISTRIBUTION_ID=<distribution>
../../scripts/deploy_dashboard.sh
Tooling
Tools included in the repo
Added to make the project easier to host, validate, and maintain.
Hosting model
Public URL without exposing the lab
The public URL should host only the sanitized dashboard. The live AWS networking lab can remain private, with scrubbed findings exported into the static JSON files when you want to update the site.
- Private S3 bucket for dashboard files
- CloudFront distribution with Origin Access Control
- ACM certificate for HTTPS
- Route 53 alias record for the subdomain
- Deploy script for S3 sync and CloudFront invalidation
- Separate optional AWS networking lab with cross-region route planning
Target URL
cloudmesh.packetrobasn.com
Hosting path
Route 53
-> CloudFront
-> private S3 bucket
-> static dashboard