d1-personal-note: Serverless Personal Note-Taking Application

d1-personal-note is a cloud-native, serverless personal note-taking application designed with security, scalability, and cost-efficiency in mind. Built entirely on AWS using modern architectural patterns and DevSecOps best practices, this application demonstrates a production-ready implementation of serverless technologies.

The application follows a serverless-first architecture with no servers to manage, pay-per-use pricing, and automatic scaling. It features a modern React-based Single Page Application (SPA) frontend, secure JWT authentication via AWS Cognito, WAF protection, CloudWatch metrics and X-Ray tracing for observability, and cost-optimized on-demand pricing with automatic scaling to zero.

Core Features

  • Create, Read, Update & Delete Notes

  • Tag-based Organization & Filtering

  • Search by Title & Content

  • Cursor-based Pagination

  • AWS Cognito Authentication

  • Responsive Design (Mobile, Tablet, Desktop)

Architecture & Tech Stack

The application consists of three main tiers: Frontend Tier (React 18.3 + TypeScript + Vite hosted on S3 with CloudFront CDN), API Tier (Node.js 24.x Lambda functions behind API Gateway with Cognito authorization), and Data Tier (DynamoDB for notes storage with encryption at rest and point-in-time recovery).

The infrastructure is fully automated using Terraform for resource provisioning and AWS SAM for serverless deployment. The DevSecOps pipeline includes comprehensive security scanning with Checkov, Semgrep, Gitleaks, OWASP Dependency Check, and OWASP ZAP, integrated into GitHub Actions for continuous integration and deployment.

Security & Best Practices

Security is built into every layer: AWS Cognito handles user authentication with the SRP protocol, API Gateway validates JWT tokens for authorization, all traffic is secured with TLS 1.2+ and HTTPS enforcement, data is encrypted at rest in DynamoDB and S3, and AWS WAF provides protection against common attacks using the OWASP Core Rule Set with rate limiting.
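The following is an added example, not code from the d1-personal-note project, illustrating how the API tier described above (Cognito-authorized API Gateway in front of Node.js Lambda and DynamoDB) can scope the "list notes" query to the authenticated caller and implement the cursor-based pagination listed under Core Features. It assumes a table keyed by userId (partition) and noteId (sort), an environment variable NOTES_TABLE, and that API Gateway's Cognito authorizer attaches the verified claims at event.requestContext.authorizer.claims; the DynamoDB client is injected as a query function and replaced here by an in-memory stand-in over constructed sample rows, so the file runs offline.

```javascript
'use strict';

// Assumed environment variable and page-size cap (not from the project).
const TABLE_NAME = process.env.NOTES_TABLE || 'notes-table-placeholder';
const PAGE_LIMIT_MAX = 50;
const PAGE_LIMIT_DEFAULT = 20;

function httpError(statusCode, message) {
  return Object.assign(new Error(message), { statusCode });
}

// The caller's identity comes only from claims that API Gateway has already
// verified against Cognito; a userId in the query string or body is never trusted.
function callerSub(event) {
  const claims = event && event.requestContext && event.requestContext.authorizer
    && event.requestContext.authorizer.claims;
  if (!claims || typeof claims.sub !== 'string') throw httpError(401, 'unauthenticated');
  return claims.sub;
}

// Opaque cursor: the DynamoDB LastEvaluatedKey, base64url-encoded.
function encodeCursor(lastEvaluatedKey) {
  return Buffer.from(JSON.stringify(lastEvaluatedKey)).toString('base64url');
}

// The cursor is client-controlled input, so it is parsed defensively and must
// point into the caller's own partition; otherwise the request is rejected.
function decodeCursor(cursor, userId) {
  let key;
  try {
    key = JSON.parse(Buffer.from(String(cursor), 'base64url').toString('utf8'));
  } catch (e) {
    throw httpError(400, 'malformed cursor');
  }
  if (!key || key.userId !== userId || typeof key.noteId !== 'string') {
    throw httpError(400, 'invalid cursor');
  }
  return { userId, noteId: key.noteId };
}

// Build the Query parameters (DocumentClient style, plain JS values).
function buildQuery(userId, qs) {
  const n = Number.parseInt((qs && qs.limit) || '', 10);
  const Limit = Number.isInteger(n) && n > 0 ? Math.min(n, PAGE_LIMIT_MAX) : PAGE_LIMIT_DEFAULT;
  const params = {
    TableName: TABLE_NAME,
    KeyConditionExpression: 'userId = :u',
    ExpressionAttributeValues: { ':u': userId },
    Limit,
  };
  if (qs && qs.cursor) params.ExclusiveStartKey = decodeCursor(qs.cursor, userId);
  return params;
}

// Handler for GET /notes. `query` is (params) => Promise<{ Items, LastEvaluatedKey }>,
// in production (params) => docClient.send(new QueryCommand(params)).
async function listNotes(event, query) {
  try {
    const userId = callerSub(event);
    const params = buildQuery(userId, event.queryStringParameters || {});
    const result = await query(params);
    const body = { items: result.Items };
    if (result.LastEvaluatedKey) body.nextCursor = encodeCursor(result.LastEvaluatedKey);
    return { statusCode: 200, body: JSON.stringify(body) };
  } catch (err) {
    const statusCode = err.statusCode || 500;
    // Internal failures are not echoed to the client.
    const message = statusCode === 500 ? 'internal error' : err.message;
    return { statusCode, body: JSON.stringify({ error: message }) };
  }
}

// Constructed sample rows standing in for the notes table (not real data).
const SAMPLE_ITEMS = [
  { userId: 'user-a', noteId: 'n1', title: 'groceries', tags: ['home'] },
  { userId: 'user-a', noteId: 'n2', title: 'standup', tags: ['work'] },
  { userId: 'user-a', noteId: 'n3', title: 'ideas', tags: [] },
  { userId: 'user-b', noteId: 'n9', title: 'private', tags: [] },
];

// In-memory stand-in for a DynamoDB Query on the partition key, honouring
// Limit and ExclusiveStartKey; it emits LastEvaluatedKey only when rows remain.
async function fakeQuery(params) {
  const uid = params.ExpressionAttributeValues[':u'];
  let rows = SAMPLE_ITEMS.filter((r) => r.userId === uid)
    .sort((a, b) => a.noteId.localeCompare(b.noteId));
  if (params.ExclusiveStartKey) {
    rows = rows.filter((r) => r.noteId > params.ExclusiveStartKey.noteId);
  }
  const page = rows.slice(0, params.Limit);
  const res = { Items: page };
  if (rows.length > params.Limit) {
    const last = page[page.length - 1];
    res.LastEvaluatedKey = { userId: last.userId, noteId: last.noteId };
  }
  return res;
}

module.exports = { callerSub, encodeCursor, decodeCursor, buildQuery, listNotes, fakeQuery };
```

The two checks worth keeping in any real handler are the ones on untrusted input: the partition key is taken from the verified JWT claims rather than from the request, and a cursor that decodes to another user's partition key is rejected with 400 instead of being passed to DynamoDB as ExclusiveStartKey.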

The application follows best practices including Infrastructure as Code, automated testing (unit tests with Jest and Vitest), comprehensive monitoring with CloudWatch alarms and X-Ray tracing, disaster recovery strategy with automated backups, and incident response procedures with automation scripts.

Project Details

Name: d1-personal-note
Author: Fikri Mujahid
Date: December 2024 - Present
Stack: AWS Serverless
Frontend: React + TypeScript
Backend: Lambda + DynamoDB
IaC: Terraform + AWS SAM
Status: Production Ready