Text-to-Speech Serverless App — Phase 5: Infrastructure as Code with Terraform

Phase 5 replaces all console-created resources with Terraform, making the entire backend reproducible and version-controlled.

What I Defined in Terraform

• Three Lambda functions (submit, process, retrieve) with IAM execution roles scoped to least privilege
• API Gateway with routes, Cognito authorizer integration, and CORS configuration
• DynamoDB table with partition key and on-demand billing
• S3 bucket with appropriate policies for audio file storage
• SNS topic with Lambda subscription and invoke permissions
• Cognito User Pool and app client for authentication

Terraform Workflow

terraform init     # Download providers
terraform plan     # Preview what will change
terraform apply    # Create or update resources
terraform destroy  # Tear down everything cleanly

The entire backend — eight interconnected AWS services — stands up with a single terraform apply and tears down cleanly with terraform destroy. No manual steps, no console drift.

Project Takeaways

Building this app end-to-end — from React/Cognito auth through three Lambda functions, SNS-decoupled processing, Polly/Translate integration, S3 storage, and Terraform IaC — gave me deep, practical experience with the AWS serverless ecosystem. Every component is automated, reproducible, and secured with least-privilege IAM.