🧠 Understanding the Serverless Architecture
The architecture is fully event-driven: User uploads an image to the source S3 bucket S3 emits an ObjectCreated event AWS Lambda is triggered automatically Lambda processes the image using Python (Pillow) Output images are saved to a destination S3 bucket Execution logs are written to CloudWatch Logs
No servers. No scaling logic. No manual intervention.
🏗 AWS Resources Created with Terraform
Terraform provisions and manages:
_S3 Source Bucket Versioning enabled Encryption enabled Private access ** S3 Destination Bucket** Stores processed images
IAM Role for Lambda Least-privilege access to S3 CloudWatch logging permissions
Lambda Function Python runtime Environment variables
Lambda Layer Contains Pillow d…
🧠 Understanding the Serverless Architecture
The architecture is fully event-driven: User uploads an image to the source S3 bucket S3 emits an ObjectCreated event AWS Lambda is triggered automatically Lambda processes the image using Python (Pillow) Output images are saved to a destination S3 bucket Execution logs are written to CloudWatch Logs
No servers. No scaling logic. No manual intervention.
🏗 AWS Resources Created with Terraform
Terraform provisions and manages:
_S3 Source Bucket Versioning enabled Encryption enabled Private access ** S3 Destination Bucket** Stores processed images
IAM Role for Lambda Least-privilege access to S3 CloudWatch logging permissions
Lambda Function Python runtime Environment variables
Lambda Layer Contains Pillow dependency
S3 Event Notification Triggers Lambda on file upload ** CloudWatch Log Group_**
All resources are fully automated and reproducible
🔐 IAM & Security (Least Privilege)
The Lambda execution role is tightly scoped: s3:GetObject on source bucket s3:PutObject on destination bucket logs:CreateLogGroup logs:CreateLogStream logs:PutLogEvents
This ensures: No unnecessary permissions Reduced blast radius Production-grade security posture
🐳 Fixing Dependency Issues with Docker
To solve compatibility problems: Dependencies are built inside a Docker container Docker image matches AWS Lambda runtime Pillow is compiled correctly for Lambda Layer is zipped and deployed via Terraform
This ensures: ✔ Runtime compatibility ✔ Predictable builds ✔ No import errors
This step reflects real-world serverless best practice.
⚙️ Deployment Automation
Deployment is automated using shell scripts: Build Lambda layer Package dependencies Initialize Terraform Run terraform plan and terraform apply
This removes: Manual repetition Environment inconsistencies Human error
🧪 Testing the Pipeline
Testing flow: Upload an image to the source S3 bucket Lambda is triggered automatically Image is processed Multiple output variants appear in destination bucket
Execution details are visible in CloudWatch logs: Execution time Memory usage Billing duration This validates the entire event-driven pipeline.
🏁 Conclusion
Day 18 demonstrates how Terraform and serverless computing work together to build scalable, cost-efficient, and production-ready systems.
By combining: Event-driven design Infrastructure as code Secure IAM practices Docker-based dependency management this project shows real-world serverless automation done correctly.
This is not a demo — this is how modern cloud systems are built and operated.