Preston Agbor
Cloud & Cybersecurity Portfolio
LIVE

Cloud & Cybersecurity Lab

Hey, I’m Preston.

I’m CompTIA Security+, AWS Cloud & AI Practitioner certified, and i'm a Western Governors University Cybersecurity student, and AWS Skills Center Arlington staff member. This site is my live lab where I deploy real AWS projects, break things (safely), fix them, and document what I learn as I go.

Focus: AWS cloud, security, and real-world labs Certs: Security+ • AWS Cloud • AWS AI Practitioner Stack: S3 static hosting • CloudFront • IAM + MFA
View projects & labs See Forge (AI app)

Live Lab Journal

What I’ve actually deployed, tested, or broken lately – with an AWS and security angle.

Now shipping
Static portfolio on Amazon S3

Hosting this site as a static website from an S3 bucket in us-east-1, served globally through Amazon CloudFront. Using separate IAM users for admin vs. dev access, all protected with MFA.

S3 static hosting CloudFront distribution IAM users & groups
Up next
HTTPS + custom domain

Next step is attaching a custom domain (like prestonagbor.com) using Amazon Route 53 and an ACM certificate so this portfolio is served over HTTPS with a clean URL and proper TLS termination at CloudFront.

Route 53 ACM TLS / HTTPS
Planned
Serverless contact form

Design a simple “Contact Me” API using API Gateway + Lambda + Amazon SES to send emails from this site without exposing any credentials in the front-end, with logging and IAM least privilege.

API Gateway Lambda SES Serverless

Every time I finish a lab, I’ll add a short write-up here – what I tried, what broke, and what I’d do differently next time.

Cloud & Security Focus

Not just a list of buzzwords – these are the areas I’m actively learning and applying.

AWS core • Foundations

  • S3 static hosting, CloudFront distributions, IAM users/groups, MFA, and understanding how requests actually flow.
  • Pushing everything through an AWS-native stack so I can talk through diagrams, not just theory.
  • Cost awareness using AWS free-tier friendly patterns for portfolios and labs.

Security • Defensive mindset

  • CompTIA Security+ foundations: identity, access control, network security, risk, and incident response.
  • IAM least privilege, MFA everywhere, and avoiding public buckets unless there’s a deliberate reason.
  • Planning “misconfig and fix” labs to practice detection, response, and documentation.

Tooling & workflow

  • Comfortable inside the AWS Console, reading docs, and mapping architecture diagrams to real configurations.
  • Building repeatable patterns I can later move into IaC or automation.

Front-end & UX

  • Clean, simple UIs like this portfolio – pink/red accents, dark theme, and clear sections over flashy animations.
  • Treating this site as a living “cloud résumé” that updates as my skills grow.

Forge

My AI product build — designed to be useful, shipped like a real app, and powered by AWS.

AI PRODUCT IN BUILD
Forge — Build skills. Build careers.
Forge is an AI-powered coach that helps users learn faster and convert that learning into career results. Two modes, one engine: Study Mode and Career Mode.
Get updates GitHub ↗
Goal: App Store-ready Build: Server-side AI + AWS Focus: Simple, useful, shippable
Study Mode
Build skills

Turn notes into quizzes, study plans, and clear explanations — “plain English” first, then real terms.

  • Notes → quiz questions
  • Concept breakdowns
  • Study plan generator
Career Mode
Build careers

Take a resume + job posting and produce role-matched bullets, skill gaps, and interview prep that’s actually relevant.

  • ATS-ready bullet rewrites
  • Skill gap summary
  • Interview questions + STAR prep
AWS: Lambda • API Gateway • Cognito • DynamoDB • S3 Security: least privilege • logging • rate limits Status: MVP planning → build

Projects & Lab Ideas

A growing list of things I’ve built or am planning to ship in this lab.

Deployed
Portfolio infrastructure on AWS

Static site hosted on S3, distributed globally with CloudFront, protected by IAM users and MFA. The main goal here was to understand how each piece talks to the other and how to keep it locked down while still being publicly accessible.

S3 static hosting CloudFront distribution IAM hardening
Designing
“Break & Fix” security lab

Intentionally misconfigure S3 or IAM in a safe environment, then walk back through how to detect, fix, and prevent the issue using logging and CloudTrail-style workflows.

Misconfig simulation Detection & response
Planned
Cloud résumé & cert tracker

A front-end section that tracks certs (Security+, AWS Cloud, AWS AI Practitioner) and future goals, backed by structured data or a small API later.

Portfolio UX Cert timeline

Experience Snapshot

How this portfolio ties into my work and education.

AWS Skills Center (Arlington)

Guest Services & Cloud Learning • Customer-facing
I work inside an AWS learning space, helping people get hands-on with the cloud. This portfolio lets me practice the same concepts I talk about on the job and turn them into real, visible projects.

WGU – B.S. Cybersecurity & Info Assurance

Student • Security foundations & labs
Studying core security concepts while applying them here: identity, network security, risk, and incident response — plus building a habit of documenting what I do.

Hands-on certifications

CompTIA Security+ • AWS Certified Cloud Practitioner • AWS Certified AI Practitioner
This site is where those certs turn into something visible: configs, diagrams, and write-ups instead of just badges on a profile.

What I’m aiming for

Entry-level roles across cloud, support, or security where I can keep building on AWS, contribute to real workloads, and bring this “lab in public” mindset to a team.

AWS Skills Center Arlington • Events & Classes

I work at the AWS Skills Center in Arlington and stay close to the training and events happening in the space. Here are some current offerings and examples of what we run there.

AI Learning Series • Ongoing
Becoming an AI Practitioner (Parts 1–5)

A 5-part series that walks through AI foundations, generative AI, prompts, foundation models, customization, and responsible AI — designed to help you prepare for the AWS Certified AI Practitioner exam.

Register for free classes ↗
Exam prep • Skills Center
Exam Prep – AWS Certified AI Practitioner (AIF-C01)

A skills-focused session that covers the exam structure, domains, sample questions, and test-taking strategies for the AWS Certified AI Practitioner exam, delivered from the Skills Center.

View exam prep offering ↗
Networking • Arlington
Check back soon for January's Networking Event

Greatness is on its way! ;)

Location: AWS Skills Center Arlington, 1550 G Crystal Drive, Arlington, VA 22202.

Event details & registration ↗

For the full list of current classes and events, visit the official AWS Skills Center Arlington page .

Contact & Socials

Want to get in touch? I'm open to entry-level cloud / security roles and good conversations.

If you want to talk about cloud, security, or how I’m building this portfolio on AWS, reach out. I’m actively building skills and documenting everything here so you can see the progress.

Email Preston LinkedIn GitHub
Live Lab Journal
Static portfolio on Amazon S3
Deployed • us-east-1 • S3 + CloudFront + IAM
S3 website hosting CloudFront cache invalidation IAM users & MFA

This portfolio started as a simple HTML file sitting on my laptop. I wanted it to actually live on AWS the same way I talk about to learners every day at the Skills Center, so I turned it into a real deployment.

I created a dedicated S3 bucket, turned on static website hosting, and uploaded index.html. At first, everything looked fine… until I fronted it with CloudFront and realized changes weren’t showing up when I updated the file.

That’s where I hit my first “break & fix” moment: CloudFront was happily serving old cached versions of my site even though S3 had the new file. The fix was learning how invalidation actually works.

  • I learned to invalidate specific paths like /index.html and / instead of nuking the entire cache every time.
  • I wired updates into a simple routine: upload new file → create invalidation → confirm through the CloudFront URL.
  • I separated admin IAM credentials from “everyday” access and locked everything behind MFA so I’m not casually using a root-style account to update a website.

Now, when I change this page, I actually understand what’s happening between: browser → CloudFront edge location → S3 origin bucket → IAM controls. It’s not just a static résumé anymore – it’s a small, living architecture I can confidently walk through in an interview.

Live Lab Journal
Planning HTTPS + a custom domain
Design phase • Route 53 + ACM + CloudFront
Route 53 hosted zones ACM public certificates TLS termination at CloudFront

Right now this portfolio lives at a CloudFront distribution URL. It works, but it doesn’t feel like a real brand yet. The next move is to hang it off a custom domain like prestonagbor.com and make sure everything is served over HTTPS with a clean lock in the browser.

The plan is:

  • Register or point a domain into Route 53.
  • Create a public certificate in ACM in the same region as CloudFront (us-east-1).
  • Attach that certificate to the CloudFront distribution and add the domain as an alternate CNAME.
  • Update Route 53 records so the domain points at the CloudFront distribution, not directly at S3.

The security mindset here is simple: the only public entry point should be CloudFront, with TLS terminating there. S3 stays private behind “origin access” and IAM, and the browser only ever sees an https:// URL with a valid certificate.

Once this is live, this section will turn into a full post with screenshots and before/after diagrams of the DNS and TLS flow.

Live Lab Journal
Designing a serverless contact form
Planned • API Gateway + Lambda + SES
Serverless pattern No secrets in the front-end Least privilege IAM roles

Right now, “Contact” is just a mailto link. It works, but it doesn’t teach me much about building real backends. The goal of this lab is to replace that with a tiny serverless API that accepts a message and drops it into my inbox.

The rough design:

  • Front-end form on this site posts JSON to an API Gateway endpoint.
  • API Gateway triggers a Lambda function that validates the payload and formats an email.
  • Lambda uses Amazon SES to send the email to me.
  • CloudWatch Logs capture each request for basic observability.

Security-wise, the interesting part is IAM: the Lambda role should only be able to send messages via SES, not do anything else. No API keys or SMTP credentials will live in the JavaScript – everything sensitive stays behind the AWS boundary.

Once built, this will be a clean example I can reference when talking about serverless, API design, and least privilege in interviews.

Project Story
Turning a static page into real AWS infrastructure
Deployed • S3 + CloudFront + IAM
Infra as a learning tool Least privilege in practice

The first version of this portfolio could have lived on any random hosting site, but that wouldn’t line up with where I’m trying to go in my career. I wanted the infra itself to tell a story.

I set up:

  • A dedicated S3 bucket just for the portfolio static assets.
  • A CloudFront distribution as the only public-facing entry point.
  • IAM users split by purpose (admin vs. “just upload this file”).

One of the key lessons here was around blast radius. Instead of one all-powerful user, I built smaller, focused identities and enforced MFA. If one set of credentials ever leaked, it wouldn’t mean total account compromise.

This project is simple on paper, but it gives me a concrete example when I talk about AWS, IAM, and secure-by-default thinking.

Project Story
Designing a “break & fix” security lab
In progress • S3 + IAM + logging
Safe misconfigurations Detection & response practice

Reading about misconfigurations is one thing. Causing them on purpose in a safe environment and then cleaning up is different. This lab is meant to give me those reps without putting anything real at risk.

Example scenarios I’m planning:

  • Opening an S3 bucket to the world, then tracing how that would be spotted and fixed.
  • Weak or overly broad IAM policies, then tightening them down to least privilege.
  • Reviewing logs to understand what actually happened during a “mistake.”

The goal is to get comfortable talking through: what went wrong, how I knew, which AWS tools I used to see it, and how I’d prevent it next time. That’s the whole point of a break & fix lab.

Project Story
Planning a cloud résumé & cert tracker
Planned • Front-end + data model
Career narrative Cert timeline

Instead of just listing certs on LinkedIn, I want a page that actually shows the journey: what I studied, what labs I built around each cert, and what I want to stack next.

The idea is to keep the data structured enough that I could later back it with a small API or pull it from something like DynamoDB, but keep the first version simple: JSON or a static data block feeding the UI.

When this is built, a recruiter should be able to land on one page and see: timeline, skills, labs, and where I’m trying to go next — all backed by the AWS infra it runs on.