{"type":"video","version":"1.0","html":"","height":861,"width":1148,"provider_name":"Loom","provider_url":"https://www.loom.com","thumbnail_height":861,"thumbnail_width":1148,"thumbnail_url":"https://cdn.loom.com/sessions/thumbnails/66702ae923074b529204650ea497eeb6-d9eac50f33b2baee.gif","duration":471.184,"title":"Production Zero Trust S3, CloudFront, Terraform","description":"Today I’m walking you through my production ready zero trust infrastructure build for a private Next.js site. I use Terraform to provision a private S3 bucket secured with CloudFront origin access control, plus routing support for Next.js 404s. My CI CD runs via GitHub Actions with OIDC, no long lived IAM keys, and a pull request build gate that blocks merges on failures. I also cover remote Terraform state in S3 with native S3 state locking. No action is requested from you."}