<?xml version="1.0" encoding="UTF-8"?><oembed><type>video</type><version>1.0</version><html>&lt;iframe src=&quot;https://www.loom.com/embed/66702ae923074b529204650ea497eeb6&quot; frameborder=&quot;0&quot; width=&quot;1148&quot; height=&quot;861&quot; webkitallowfullscreen mozallowfullscreen allowfullscreen&gt;&lt;/iframe&gt;</html><height>861</height><width>1148</width><provider_name>Loom</provider_name><provider_url>https://www.loom.com</provider_url><thumbnail_height>861</thumbnail_height><thumbnail_width>1148</thumbnail_width><thumbnail_url>https://cdn.loom.com/sessions/thumbnails/66702ae923074b529204650ea497eeb6-d9eac50f33b2baee.gif</thumbnail_url><duration>471.184</duration><title>Production Zero Trust S3, CloudFront, Terraform</title><description>Today I’m walking you through my production-ready zero trust infrastructure build for a private Next.js site. I use Terraform to provision a private S3 bucket secured with CloudFront origin access control, plus routing support for Next.js 404s. My CI/CD runs via GitHub Actions with OIDC, no long-lived IAM keys, and a pull request build gate that blocks merges on failures. I also cover remote Terraform state in S3 with native S3 state locking. No action is requested from you.</description></oembed>