codenik01/SecureMiniCloud

🛡️ SecureMiniCloud

A Private Cloud Infrastructure & Security Platform


SecureMiniCloud is a comprehensive private cloud infrastructure platform engineered to replicate core capabilities of major cloud providers (like AWS). Built from the ground up, it offers a robust mix of Object Storage (S3-equivalent), Container Orchestration (EC2-equivalent), and Identity Access Management (IAM), all secured with encryption and monitored in real-time.


🚀 Features

☁️ Cloud Infrastructure

  • Object Storage (Mini-S3): Upload, retrieve, and manage files securely. Powered by MinIO.
  • Container Orchestration (Mini-EC2): Dynamically spawn and terminate isolated computing environments (Node.js, Python, Nginx) programmatically via Docker Engine API.

🔐 Security & IAM

  • Zero-Knowledge Architecture Prep: AES-256 encryption applied to files before they are sent to the storage buckets.
  • Role-Based Access Control (RBAC): Strict permissions matrices. Admins orchestrate servers; Users manage files.
  • JSON Web Tokens (JWT): Secure, stateless authentication flow.

📊 Observability & Auditing

  • Intrusion & Audit Logging: Comprehensive monitoring of user actions, failed logins, and resource mutations safely logged to MongoDB.
  • Telemetry Server: Integration with Prometheus metrics and beautiful Grafana dashboards mimicking AWS CloudWatch.

🏗 Architecture

graph TD
    UI[Frontend: React Dashboard] --> |HTTPS| API(Backend: Node.js/Express API Server)
    
    subgraph IAM Layer
    API --> |Auth| JWT[JWT & bcrypt]
    end

    subgraph Infrastructure Services
    API --> |Mongoose| DB[(MongoDB)]
    API --> |S3 Protocol| ObjectStorage[(MinIO Storage)]
    API --> |Docker Socket| Compute[Docker Containers]
    end

    subgraph Observability
    API --> |Metrics Endpoint| Prometheus[Prometheus]
    Prometheus --> Grafana[Grafana Dashboard]
    end

🛠 Tech Stack

| Domain | Technologies |
| --- | --- |
| Frontend UI | React, Vite, Lucide Icons, Vanilla CSS (Glassmorphism design) |
| Backend API | Node.js, Express, Mongoose, minio, dockerode, jsonwebtoken, crypto |
| Databases | MongoDB |
| Storage | MinIO |
| Container Engine | Docker Desktop / Docker Daemon |
| Monitoring | Prometheus, Grafana |

🔌 API Reference

Identity & Access Management (/api/auth)

  • POST /register - Register a new user (User or Admin).
  • POST /login - Authenticate and retrieve JWT token.
  • GET /me - Get current authenticated user details.

Object Storage (/api/storage)

  • GET / - List all encrypted objects in the cloud bucket.
  • POST /upload - Upload file (Encrypted automatically via AES-256 in memory).
  • GET /download/:filename - Stream and decrypt a specific object.
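
The upload and download endpoints above encrypt and decrypt objects in memory with AES-256, but the README does not state the cipher mode or the stored blob layout. The following is an added example, not SecureMiniCloud's own code: it assumes AES-256-GCM, a hypothetical `iv || tag || ciphertext` layout, and hypothetical helper names (`encryptObject`, `decryptObject`), and shows that a modified, renamed, or wrongly keyed object is rejected at download time.

```javascript
// Added example, not SecureMiniCloud's code. Assumed: AES-256-GCM and the
// blob layout iv || tag || ciphertext. All helper names are hypothetical.
const crypto = require('node:crypto');

const IV_LEN = 12;  // 96-bit nonce, the recommended size for GCM
const TAG_LEN = 16; // 128-bit authentication tag

// Encrypts a Buffer in memory and returns the blob that would go to the bucket.
function encryptObject(key, plaintext, objectName) {
  if (key.length !== 32) throw new Error('AES-256 needs a 32-byte key');
  const iv = crypto.randomBytes(IV_LEN); // fresh nonce for every object
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(objectName, 'utf8')); // bind the blob to its name
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}

// Splits the blob, verifies the tag, and returns the plaintext Buffer.
function decryptObject(key, blob, objectName) {
  if (blob.length < IV_LEN + TAG_LEN) throw new Error('blob too short');
  const iv = blob.subarray(0, IV_LEN);
  const tag = blob.subarray(IV_LEN, IV_LEN + TAG_LEN);
  const ct = blob.subarray(IV_LEN + TAG_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv,
    { authTagLength: TAG_LEN });
  decipher.setAAD(Buffer.from(objectName, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext, tag, key, or object name do not match.
  return Buffer.concat([decipher.update(ct), decipher.final()]);
}

// True only when the blob authenticates under this key and object name.
function verifies(key, blob, objectName) {
  try { decryptObject(key, blob, objectName); return true; } catch { return false; }
}

function demo() {
  const key = crypto.randomBytes(32); // constructed key for the demo only
  const blob = encryptObject(key, Buffer.from('quarterly-report contents'), 'report.pdf');
  const tampered = Buffer.from(blob);
  tampered[tampered.length - 1] ^= 0x01; // flip one ciphertext bit
  return {
    roundTrip: decryptObject(key, blob, 'report.pdf').toString(),
    tamperedAccepted: verifies(key, tampered, 'report.pdf'),
    renamedAccepted: verifies(key, blob, 'other.pdf'),
    wrongKeyAccepted: verifies(crypto.randomBytes(32), blob, 'report.pdf'),
  };
}
```
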

Container Orchestration (/api/containers)

Protected by Admin RBAC

  • GET / - List all dynamically spawned user instances.
  • POST /create - Spin up a new micro-server (Node, Python, Nginx).
  • POST /:id/stop - Gracefully stop an instance.
  • DELETE /:id - Terminate and remove an instance.

🚦 Getting Started

Prerequisites

  • Node.js (v18+)
  • Docker & Docker Compose (Critical for spinning up infrastructure and Mini EC2 instances)
  • Git

1. Boot up the Infrastructure

Spin up MongoDB, MinIO, Prometheus, and Grafana.

git clone https://github.com/yourusername/SecureMiniCloud.git
cd SecureMiniCloud
docker compose up -d

2. Start the Backend API

The backend requires access to the Docker socket to spawn containers, so running it natively on the host is the easiest way. Any process with access to the Docker socket has root-equivalent control over the host.

cd backend
npm install
npm run dev
# Server runs on http://localhost:5000

3. Start the Frontend Dashboard

cd frontend
npm install
npm run dev
# Dashboard available on http://localhost:5173

💡 Why This Project Stands Out

For engineering recruiters & teams, this project demonstrates high proficiency in:

  1. Cloud Architecture Fundamentals: Demonstrating an understanding of how S3 and EC2 compute nodes actually operate under the hood.
  2. Applied Cryptography: Real-world use of Node's crypto module with AES-256 to protect data at rest.
  3. IAM Construction: Developing a scalable JWT API with strict Role-Based access methodologies.
  4. DevOps & Observability: Implementing a robust observability pipeline using Prometheus/Grafana.

Engineered with security and scale in mind.
