diff --git a/terraform/.gitignore b/terraform/.gitignore
new file mode 100644
index 0000000..a055074
--- /dev/null
+++ b/terraform/.gitignore
@@ -0,0 +1,43 @@
+# Terraform files
+*.tfstate
+*.tfstate.*
+*.tfplan
+*.tfplan.*
+.terraform/
+.terraform.lock.hcl
+
+# Variable files
+terraform.tfvars
+*.auto.tfvars
+
+# Override files
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# CLI configuration files
+.terraformrc
+terraform.rc
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+*tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
diff --git a/terraform/README.md b/terraform/README.md
new file mode 100644
index 0000000..f9a6003
--- /dev/null
+++ b/terraform/README.md
@@ -0,0 +1,141 @@
+# Amplify to Terraform Conversion
+
+This directory contains Terraform configuration files that replicate the AWS Amplify application "profilesapp" infrastructure.
+
+## Original Amplify Application
+
+- **App ID**: d34w1re7vwygyp
+- **Name**: profilesapp
+- **Repository**: https://github.com/abhay-codeium/profilesapp
+- **Default Domain**: d34w1re7vwygyp.amplifyapp.com
+
+## Infrastructure Components
+
+The Terraform configuration creates the following AWS resources:
+
+### Amplify Hosting
+- **aws_amplify_app**: Main Amplify application with GitHub integration
+- **aws_amplify_branch**: Main branch configuration for production deployment
+- Custom routing rules for SPA (404-200 redirect)
+- Build specification matching the original Amplify configuration
+
+### Authentication (Cognito)
+- **aws_cognito_user_pool**: User pool with email-based authentication
+- **aws_cognito_user_pool_client**: Application client for the user pool
+- **aws_cognito_identity_pool**: Identity pool supporting both authenticated and unauthenticated users
+
+### API and Database
+- **aws_appsync_graphql_api**: GraphQL API with IAM authentication
+- **aws_dynamodb_table**: DynamoDB table for Todo items
+- **aws_appsync_datasource**: Connection between AppSync and DynamoDB
+- **aws_appsync_resolver**: GraphQL resolvers for CRUD operations on Todo items
+
+### IAM Roles and Policies
+- Amplify service role with backend deployment permissions
+- Cognito authenticated and unauthenticated user roles
+- AppSync service role for DynamoDB access
+- Appropriate policies for each role
+
+## File Structure
+
+```
+terraform/
+├── main.tf                 # Provider configuration
+├── variables.tf            # Input variables
+├── outputs.tf              # Output values
+├── cognito.tf              # Cognito User Pool and Identity Pool
+├── dynamodb.tf             # DynamoDB table configuration
+├── appsync.tf              # AppSync GraphQL API and resolvers
+├── amplify.tf              # Amplify hosting configuration
+├── iam.tf                  # IAM roles and policies
+├── terraform.tfvars.example # Example variables file
+└── README.md               # This file
+```
+
+## Prerequisites
+
+1. **AWS CLI configured** with appropriate credentials
+2. **Terraform installed** (version >= 1.0)
+3. **GitHub access token** with repository access permissions
+
+## Usage
+
+### 1. Initialize Terraform
+
+```bash
+cd terraform
+terraform init
+```
+
+### 2. Configure Variables
+
+Copy the example variables file and update with your values:
+
+```bash
+cp terraform.tfvars.example terraform.tfvars
+```
+
+Edit `terraform.tfvars` and provide:
+- `github_access_token`: Your GitHub personal access token
+- Other variables as needed (defaults should work for most cases)
+
+### 3. Plan the Deployment
+
+```bash
+terraform plan
+```
+
+### 4. Apply the Configuration
+
+```bash
+terraform apply
+```
+
+### 5. Get Output Values
+
+```bash
+terraform output
+```
+
+## Migration from Amplify
+
+To migrate from the existing Amplify application to this Terraform-managed infrastructure:
+
+1. **Deploy the Terraform configuration** (steps above)
+2. **Update your frontend application** to use the new resource identifiers:
+   - Update Cognito User Pool ID and Client ID
+   - Update AppSync GraphQL endpoint
+   - Update Cognito Identity Pool ID
+3. **Test the new infrastructure** thoroughly
+4. **Delete the original Amplify application** once migration is confirmed
+
+## Key Differences from Original Amplify
+
+- **Resource naming**: Terraform uses consistent naming with the app name prefix
+- **DynamoDB table name**: Includes a random suffix for uniqueness
+- **IAM roles**: Explicitly defined instead of auto-generated by Amplify
+- **GraphQL schema**: Explicitly defined with all resolvers
+
+## Outputs
+
+After applying, Terraform will output important resource identifiers:
+
+- `amplify_app_id`: New Amplify application ID
+- `amplify_default_domain`: Default Amplify domain
+- `cognito_user_pool_id`: Cognito User Pool ID
+- `cognito_user_pool_client_id`: Cognito User Pool Client ID
+- `cognito_identity_pool_id`: Cognito Identity Pool ID
+- `appsync_graphql_url`: AppSync GraphQL endpoint
+- `dynamodb_table_name`: DynamoDB table name
+
+## Cleanup
+
+To destroy all resources:
+
+```bash
+terraform destroy
+```
+
+## Support
+
+For issues or questions about this Terraform configuration, refer to the AWS Terraform provider documentation or the original Amplify application configuration.
diff --git a/terraform/amplify.tf b/terraform/amplify.tf
new file mode 100644
index 0000000..e115431
--- /dev/null
+++ b/terraform/amplify.tf
@@ -0,0 +1,66 @@
+resource "aws_amplify_app" "main" {
+  name       = var.app_name
+  repository = var.repository_url
+
+  access_token = var.github_access_token
+
+  platform = "WEB"
+
+  enable_branch_auto_build    = false
+  enable_branch_auto_deletion = false
+  enable_basic_auth           = false
+
+  build_spec = <<-EOT
+version: 1
+backend:
+  phases:
+    build:
+      commands:
+        - npm ci --cache .npm --prefer-offline
+        - npx ampx pipeline-deploy --branch $AWS_BRANCH --app-id $AWS_APP_ID
+frontend:
+  phases:
+    build:
+      commands:
+        - mkdir ./dist && touch ./dist/index.html
+  artifacts:
+    baseDirectory: dist
+    files:
+      - '**/*'
+  cache:
+    paths:
+      - .npm/**/*
+EOT
+
+  custom_rule {
+    source = "/<*>"
+    status = "404-200"
+    target = "/index.html"
+  }
+
+  iam_service_role_arn = aws_iam_role.amplify_service.arn
+
+  tags = {
+    Name        = var.app_name
+    Environment = var.environment
+  }
+}
+
+resource "aws_amplify_branch" "main" {
+  app_id      = aws_amplify_app.main.id
+  branch_name = "main"
+
+  framework                = "Web"
+  stage                   = "PRODUCTION"
+  enable_notification     = false
+  enable_auto_build       = true
+  enable_basic_auth       = false
+  enable_performance_mode = false
+  ttl                     = "5"
+  enable_pull_request_preview = false
+
+  tags = {
+    Name        = "${var.app_name}-main-branch"
+    Environment = var.environment
+  }
+}
diff --git a/terraform/appsync.tf b/terraform/appsync.tf
new file mode 100644
index 0000000..8d47a52
--- /dev/null
+++ b/terraform/appsync.tf
@@ -0,0 +1,173 @@
+resource "aws_appsync_graphql_api" "main" {
+  authentication_type = "AWS_IAM"
+  name                = "${var.app_name}-api"
+
+  schema = <<EOF
+type Todo @aws_iam {
+  id: ID!
+  content: String
+  createdAt: AWSDateTime!
+  updatedAt: AWSDateTime!
+}
+
+type Query {
+  getTodo(id: ID!): Todo @aws_iam
+  listTodos: [Todo] @aws_iam
+}
+
+type Mutation {
+  createTodo(input: CreateTodoInput!): Todo @aws_iam
+  updateTodo(input: UpdateTodoInput!): Todo @aws_iam
+  deleteTodo(input: DeleteTodoInput!): Todo @aws_iam
+}
+
+input CreateTodoInput {
+  content: String
+}
+
+input UpdateTodoInput {
+  id: ID!
+  content: String
+}
+
+input DeleteTodoInput {
+  id: ID!
+}
+
+type Subscription {
+  onCreateTodo: Todo @aws_subscribe(mutations: ["createTodo"]) @aws_iam
+  onUpdateTodo: Todo @aws_subscribe(mutations: ["updateTodo"]) @aws_iam
+  onDeleteTodo: Todo @aws_subscribe(mutations: ["deleteTodo"]) @aws_iam
+}
+EOF
+
+  tags = {
+    Name        = "${var.app_name}-graphql-api"
+    Environment = var.environment
+  }
+}
+
+resource "aws_appsync_datasource" "todo_table" {
+  api_id           = aws_appsync_graphql_api.main.id
+  name             = "TodoTable"
+  service_role_arn = aws_iam_role.appsync_dynamodb.arn
+  type             = "AMAZON_DYNAMODB"
+
+  dynamodb_config {
+    table_name = aws_dynamodb_table.todo.name
+  }
+}
+
+resource "aws_appsync_resolver" "get_todo" {
+  api_id      = aws_appsync_graphql_api.main.id
+  field       = "getTodo"
+  type        = "Query"
+  data_source = aws_appsync_datasource.todo_table.name
+
+  request_template = <<EOF
+{
+    "version": "2017-02-28",
+    "operation": "GetItem",
+    "key": {
+        "id": $util.dynamodb.toDynamoDBJson($ctx.args.id)
+    }
+}
+EOF
+
+  response_template = <<EOF
+$util.toJson($ctx.result)
+EOF
+}
+
+resource "aws_appsync_resolver" "list_todos" {
+  api_id      = aws_appsync_graphql_api.main.id
+  field       = "listTodos"
+  type        = "Query"
+  data_source = aws_appsync_datasource.todo_table.name
+
+  request_template = <<EOF
+{
+    "version": "2017-02-28",
+    "operation": "Scan"
+}
+EOF
+
+  response_template = <<EOF
+$util.toJson($ctx.result.items)
+EOF
+}
+
+resource "aws_appsync_resolver" "create_todo" {
+  api_id      = aws_appsync_graphql_api.main.id
+  field       = "createTodo"
+  type        = "Mutation"
+  data_source = aws_appsync_datasource.todo_table.name
+
+  request_template = <<EOF
+{
+    "version": "2017-02-28",
+    "operation": "PutItem",
+    "key": {
+        "id": $util.dynamodb.toDynamoDBJson($util.autoId())
+    },
+    "attributeValues": {
+        "content": $util.dynamodb.toDynamoDBJson($ctx.args.input.content),
+        "createdAt": $util.dynamodb.toDynamoDBJson($util.time.nowISO8601()),
+        "updatedAt": $util.dynamodb.toDynamoDBJson($util.time.nowISO8601())
+    }
+}
+EOF
+
+  response_template = <<EOF
+$util.toJson($ctx.result)
+EOF
+}
+
+resource "aws_appsync_resolver" "update_todo" {
+  api_id      = aws_appsync_graphql_api.main.id
+  field       = "updateTodo"
+  type        = "Mutation"
+  data_source = aws_appsync_datasource.todo_table.name
+
+  request_template = <<EOF
+{
+    "version": "2017-02-28",
+    "operation": "UpdateItem",
+    "key": {
+        "id": $util.dynamodb.toDynamoDBJson($ctx.args.input.id)
+    },
+    "update": {
+        "expression": "SET content = :content, updatedAt = :updatedAt",
+        "expressionValues": {
+            ":content": $util.dynamodb.toDynamoDBJson($ctx.args.input.content),
+            ":updatedAt": $util.dynamodb.toDynamoDBJson($util.time.nowISO8601())
+        }
+    }
+}
+EOF
+
+  response_template = <<EOF
+$util.toJson($ctx.result)
+EOF
+}
+
+resource "aws_appsync_resolver" "delete_todo" {
+  api_id      = aws_appsync_graphql_api.main.id
+  field       = "deleteTodo"
+  type        = "Mutation"
+  data_source = aws_appsync_datasource.todo_table.name
+
+  request_template = <<EOF
+{
+    "version": "2017-02-28",
+    "operation": "DeleteItem",
+    "key": {
+        "id": $util.dynamodb.toDynamoDBJson($ctx.args.input.id)
+    }
+}
+EOF
+
+  response_template = <<EOF
+$util.toJson($ctx.result)
+EOF
+}
diff --git a/terraform/cognito.tf b/terraform/cognito.tf
new file mode 100644
index 0000000..54acecf
--- /dev/null
+++ b/terraform/cognito.tf
@@ -0,0 +1,87 @@
+resource "aws_cognito_user_pool" "main" {
+  name = "${var.app_name}-user-pool"
+
+  username_attributes = ["email"]
+  
+  username_configuration {
+    case_sensitive = false
+  }
+
+  password_policy {
+    minimum_length    = 8
+    require_lowercase = true
+    require_numbers   = true
+    require_symbols   = true
+    require_uppercase = true
+  }
+
+  auto_verified_attributes = ["email"]
+
+  email_configuration {
+    email_sending_account = "COGNITO_DEFAULT"
+  }
+
+  schema {
+    attribute_data_type = "String"
+    name                = "email"
+    required            = true
+    mutable             = true
+  }
+
+  tags = {
+    Name        = "${var.app_name}-user-pool"
+    Environment = var.environment
+  }
+}
+
+resource "aws_cognito_user_pool_client" "main" {
+  name         = "${var.app_name}-user-pool-client"
+  user_pool_id = aws_cognito_user_pool.main.id
+
+  generate_secret = false
+
+  explicit_auth_flows = [
+    "ALLOW_USER_SRP_AUTH",
+    "ALLOW_REFRESH_TOKEN_AUTH"
+  ]
+
+  supported_identity_providers = ["COGNITO"]
+
+  read_attributes = ["email"]
+  write_attributes = ["email"]
+
+  token_validity_units {
+    access_token  = "hours"
+    id_token      = "hours"
+    refresh_token = "days"
+  }
+
+  access_token_validity  = 24
+  id_token_validity      = 24
+  refresh_token_validity = 30
+}
+
+resource "aws_cognito_identity_pool" "main" {
+  identity_pool_name               = "${var.app_name}-identity-pool"
+  allow_unauthenticated_identities = true
+
+  cognito_identity_providers {
+    client_id               = aws_cognito_user_pool_client.main.id
+    provider_name           = aws_cognito_user_pool.main.endpoint
+    server_side_token_check = false
+  }
+
+  tags = {
+    Name        = "${var.app_name}-identity-pool"
+    Environment = var.environment
+  }
+}
+
+resource "aws_cognito_identity_pool_roles_attachment" "main" {
+  identity_pool_id = aws_cognito_identity_pool.main.id
+
+  roles = {
+    "authenticated"   = aws_iam_role.cognito_authenticated.arn
+    "unauthenticated" = aws_iam_role.cognito_unauthenticated.arn
+  }
+}
diff --git a/terraform/dynamodb.tf b/terraform/dynamodb.tf
new file mode 100644
index 0000000..c5ebebb
--- /dev/null
+++ b/terraform/dynamodb.tf
@@ -0,0 +1,19 @@
+resource "aws_dynamodb_table" "todo" {
+  name           = "${var.app_name}-Todo-${random_id.table_suffix.hex}"
+  billing_mode   = "PAY_PER_REQUEST"
+  hash_key       = "id"
+
+  attribute {
+    name = "id"
+    type = "S"
+  }
+
+  tags = {
+    Name        = "${var.app_name}-todo-table"
+    Environment = var.environment
+  }
+}
+
+resource "random_id" "table_suffix" {
+  byte_length = 4
+}
diff --git a/terraform/iam.tf b/terraform/iam.tf
new file mode 100644
index 0000000..34b2eb7
--- /dev/null
+++ b/terraform/iam.tf
@@ -0,0 +1,167 @@
+resource "aws_iam_role" "amplify_service" {
+  name = "${var.app_name}-amplify-service-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Action = "sts:AssumeRole"
+        Effect = "Allow"
+        Principal = {
+          Service = "amplify.amazonaws.com"
+        }
+      }
+    ]
+  })
+
+  tags = {
+    Name        = "${var.app_name}-amplify-service-role"
+    Environment = var.environment
+  }
+}
+
+resource "aws_iam_role_policy_attachment" "amplify_service_backend_deploy" {
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess"
+  role       = aws_iam_role.amplify_service.name
+}
+
+resource "aws_iam_role" "cognito_authenticated" {
+  name = "${var.app_name}-cognito-authenticated-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Principal = {
+          Federated = "cognito-identity.amazonaws.com"
+        }
+        Action = "sts:AssumeRoleWithWebIdentity"
+        Condition = {
+          StringEquals = {
+            "cognito-identity.amazonaws.com:aud" = aws_cognito_identity_pool.main.id
+          }
+          "ForAnyValue:StringLike" = {
+            "cognito-identity.amazonaws.com:amr" = "authenticated"
+          }
+        }
+      }
+    ]
+  })
+
+  tags = {
+    Name        = "${var.app_name}-cognito-authenticated-role"
+    Environment = var.environment
+  }
+}
+
+resource "aws_iam_role" "cognito_unauthenticated" {
+  name = "${var.app_name}-cognito-unauthenticated-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Principal = {
+          Federated = "cognito-identity.amazonaws.com"
+        }
+        Action = "sts:AssumeRoleWithWebIdentity"
+        Condition = {
+          StringEquals = {
+            "cognito-identity.amazonaws.com:aud" = aws_cognito_identity_pool.main.id
+          }
+          "ForAnyValue:StringLike" = {
+            "cognito-identity.amazonaws.com:amr" = "unauthenticated"
+          }
+        }
+      }
+    ]
+  })
+
+  tags = {
+    Name        = "${var.app_name}-cognito-unauthenticated-role"
+    Environment = var.environment
+  }
+}
+
+resource "aws_iam_role_policy" "cognito_authenticated_policy" {
+  name = "${var.app_name}-cognito-authenticated-policy"
+  role = aws_iam_role.cognito_authenticated.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Action = [
+          "appsync:GraphQL"
+        ]
+        Resource = "${aws_appsync_graphql_api.main.arn}/*"
+      }
+    ]
+  })
+}
+
+resource "aws_iam_role_policy" "cognito_unauthenticated_policy" {
+  name = "${var.app_name}-cognito-unauthenticated-policy"
+  role = aws_iam_role.cognito_unauthenticated.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Action = [
+          "appsync:GraphQL"
+        ]
+        Resource = "${aws_appsync_graphql_api.main.arn}/*"
+      }
+    ]
+  })
+}
+
+resource "aws_iam_role" "appsync_dynamodb" {
+  name = "${var.app_name}-appsync-dynamodb-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Principal = {
+          Service = "appsync.amazonaws.com"
+        }
+        Action = "sts:AssumeRole"
+      }
+    ]
+  })
+
+  tags = {
+    Name        = "${var.app_name}-appsync-dynamodb-role"
+    Environment = var.environment
+  }
+}
+
+resource "aws_iam_role_policy" "appsync_dynamodb_policy" {
+  name = "${var.app_name}-appsync-dynamodb-policy"
+  role = aws_iam_role.appsync_dynamodb.id
+
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Action = [
+          "dynamodb:DeleteItem",
+          "dynamodb:GetItem",
+          "dynamodb:PutItem",
+          "dynamodb:Query",
+          "dynamodb:Scan",
+          "dynamodb:UpdateItem"
+        ]
+        Resource = aws_dynamodb_table.todo.arn
+      }
+    ]
+  })
+}
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..de757ae
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,13 @@
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = var.aws_region
+}
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 0000000..3b27818
--- /dev/null
+++ b/terraform/outputs.tf
@@ -0,0 +1,44 @@
+output "amplify_app_id" {
+  description = "Amplify App ID"
+  value       = aws_amplify_app.main.id
+}
+
+output "amplify_default_domain" {
+  description = "Amplify default domain"
+  value       = aws_amplify_app.main.default_domain
+}
+
+output "cognito_user_pool_id" {
+  description = "Cognito User Pool ID"
+  value       = aws_cognito_user_pool.main.id
+}
+
+output "cognito_user_pool_client_id" {
+  description = "Cognito User Pool Client ID"
+  value       = aws_cognito_user_pool_client.main.id
+}
+
+output "cognito_identity_pool_id" {
+  description = "Cognito Identity Pool ID"
+  value       = aws_cognito_identity_pool.main.id
+}
+
+output "appsync_graphql_url" {
+  description = "AppSync GraphQL URL"
+  value       = aws_appsync_graphql_api.main.uris["GRAPHQL"]
+}
+
+output "appsync_api_id" {
+  description = "AppSync API ID"
+  value       = aws_appsync_graphql_api.main.id
+}
+
+output "dynamodb_table_name" {
+  description = "DynamoDB table name"
+  value       = aws_dynamodb_table.todo.name
+}
+
+output "aws_region" {
+  description = "AWS region"
+  value       = var.aws_region
+}
diff --git a/terraform/terraform.tfvars.example b/terraform/terraform.tfvars.example
new file mode 100644
index 0000000..c99b8e0
--- /dev/null
+++ b/terraform/terraform.tfvars.example
@@ -0,0 +1,5 @@
+aws_region = "us-east-2"
+app_name = "profilesapp"
+repository_url = "https://github.com/abhay-codeium/profilesapp"
+github_access_token = "your-github-access-token-here"
+environment = "main"
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..29222e5
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,29 @@
+variable "aws_region" {
+  description = "AWS region for resources"
+  type        = string
+  default     = "us-east-2"
+}
+
+variable "app_name" {
+  description = "Name of the application"
+  type        = string
+  default     = "profilesapp"
+}
+
+variable "repository_url" {
+  description = "GitHub repository URL"
+  type        = string
+  default     = "https://github.com/abhay-codeium/profilesapp"
+}
+
+variable "github_access_token" {
+  description = "GitHub access token for Amplify"
+  type        = string
+  sensitive   = true
+}
+
+variable "environment" {
+  description = "Environment name"
+  type        = string
+  default     = "main"
+}