About This Architecture
This diagram shows a GitHub Actions CI/CD pipeline that orchestrates infrastructure and application deployment to AWS EKS with automated security scanning and approval gates. Pull requests trigger Trivy vulnerability scans, code owner reviews, and automated tests before merging to main. A merge to main then starts Terraform infrastructure provisioning and Docker container builds in parallel. The infrastructure pipeline provisions the VPC, EKS, MongoDB VM, and S3 via terraform plan and terraform apply, while the application pipeline builds, scans, and pushes images to ECR before deploying to Kubernetes. This architecture enforces security-first practices with image scanning, infrastructure-as-code validation, and CloudWatch monitoring for production observability. Fork and customize this diagram to adapt the approval gates, scanning tools, or AWS resource configuration to your team's deployment standards. The dual-pipeline pattern separates infrastructure changes from application updates, reducing blast radius and enabling independent rollback.
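
The application pipeline described above (build, scan, push to ECR, then deploy to Kubernetes behind an approval gate), written as a GitHub Actions workflow. This is an added example, not part of the original diagram; the repository variables, the image and deployment name app, the region, the production environment, the OIDC role and the action version tags are assumptions.

```yaml
# Added example, not from the original page. Assumed: repo variables
# AWS_ROLE_ARN, ECR_REGISTRY, EKS_CLUSTER; image/deployment name "app";
# region us-east-1; a "production" environment with required reviewers.
name: app-pipeline
on:
  push:
    branches: [main]
permissions:
  contents: read      # read-only repo token
  id-token: write     # OIDC federation to AWS, no stored access keys
env:
  AWS_REGION: us-east-1
  IMAGE: ${{ vars.ECR_REGISTRY }}/app:${{ github.sha }}
jobs:
  build-scan-push:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ vars.AWS_ROLE_ARN }}
          aws-region: ${{ env.AWS_REGION }}
      - uses: aws-actions/amazon-ecr-login@v2
      - run: docker build -t "$IMAGE" .
      - name: Scan the local image before it can reach ECR
        uses: aquasecurity/trivy-action@0.28.0
        with:
          image-ref: ${{ env.IMAGE }}
          severity: HIGH,CRITICAL
          ignore-unfixed: true
          exit-code: "1"   # non-zero exit fails the job, so the push never runs
      - run: docker push "$IMAGE"
  deploy:
    needs: build-scan-push
    runs-on: ubuntu-latest
    environment: production   # job waits here for the environment's reviewers
    steps:
      - uses: aws-actions/configure-aws-credentials@v4
        with:
          role-to-assume: ${{ vars.AWS_ROLE_ARN }}
          aws-region: ${{ env.AWS_REGION }}
      - run: aws eks update-kubeconfig --name "${{ vars.EKS_CLUSTER }}" --region "$AWS_REGION"
      - run: kubectl set image deployment/app app="$IMAGE"
      - run: kubectl rollout status deployment/app --timeout=180s
```

Because the scan step sits between the build and the push, an image with a fixable HIGH or CRITICAL finding never reaches the registry, and the deploy job cannot start without both a passing scan and a reviewer's approval.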