Work performed

What was actually built

A simple record of implementation work, not a product pitch.

Topology

Regional segmentation with cross-region transit planning

Click a segment to review its purpose, CIDR plan, route intent, and security notes. The diagram now separates a primary region from a standby/replication region so future DR or replication requirements can be discussed without assuming a flat network.

Traffic intent

Allowed, blocked, inspected, and planned paths

The goal is to document why a route should exist, not only whether it exists.

Source Destination Status Control Reason

Validation

Current findings

These findings are written as the checks I want the lab to prove: intended paths should work, restricted paths should fail, and internet-bound paths should follow the inspection model.

Example operator workflow

make local
make package

cd terraform/hosting
terraform init
terraform plan

# optional AWS lab is separate
cd ../lab
terraform init
terraform plan -var="deploy_lab=false"

# after hosting outputs are known
export SITE_BUCKET=<bucket>
export CLOUDFRONT_DISTRIBUTION_ID=<distribution>
../../scripts/deploy_dashboard.sh

Tooling

Tools included in the repo

Added to make the project easier to host, validate, and maintain.

Hosting model

Public URL without exposing the lab

The public URL should host only the sanitized dashboard. The live AWS networking lab can remain private, with scrubbed findings exported into the static JSON files when you want to update the site.

  • Private S3 bucket for dashboard files
  • CloudFront distribution with Origin Access Control
  • ACM certificate for HTTPS
  • Route 53 alias record for the subdomain
  • Deploy script for S3 sync and CloudFront invalidation
  • Separate optional AWS networking lab with cross-region route planning

Target URL

cloudmesh.packetrobasn.com

Hosting path

Route 53
  -> CloudFront
  -> private S3 bucket
  -> static dashboard