diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..afe9e3e
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,59 @@
+# Create the S3 bucket.
+
+resource "aws_s3_bucket" "portfolio_bucket" {
+ bucket = var.bucket_name
+
+ tags = {
+ Name = "Portfolio Bucket"
+ Environment = "Production"
+ }
+}
+
+resource "aws_s3_bucket_public_access_block" "portfolio_bucket_access" {
+ bucket = aws_s3_bucket.portfolio_bucket.id
+
+ block_public_acls = false
+ block_public_policy = false
+}
+
+resource "aws_s3_bucket_versioning" "portfolio_bucket_access_versioning" {
+ bucket = aws_s3_bucket.portfolio_bucket.id
+
+ versioning_configuration {
+ status = "Disabled"
+ }
+}
+
+#------------------------------------------------------------------------------#
+
+# Give a user access.
+
+data "aws_iam_policy_document" "portfolio_bucket_policy_doc" {
+ statement {
+ effect = "Allow"
+ actions = ["s3:*", "s3-object-lambda:*"]
+ resources = [
+ "${aws_s3_bucket.portfolio_bucket.arn}/*",
+ "${aws_s3_bucket.portfolio_bucket.arn}"
+ ]
+ }
+}
+
+resource "aws_iam_policy" "portfolio_bucket_policy" {
+ name = "${var.role_name}Policy"
+ description = "The policy that manages the Portfolio Bucket."
+ policy = data.aws_iam_policy_document.portfolio_bucket_policy_doc.json
+}
+
+resource "aws_iam_user" "portfolio_bucket_user" {
+ name = "${var.role_name}User"
+}
+
+resource "aws_iam_user_policy_attachment" "portfolio_bucket_attachment" {
+ user = aws_iam_user.portfolio_bucket_user.name
+ policy_arn = aws_iam_policy.portfolio_bucket_policy.arn
+}
+
+resource "aws_iam_access_key" "portfolio_bucket_key" {
+ user = aws_iam_user.portfolio_bucket_user.name
+}
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
new file mode 100644
index 0000000..24304a3
--- /dev/null
+++ b/terraform/outputs.tf
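Review bot: The aws_s3_bucket_public_access_block resource in this hunk sets block_public_acls and block_public_policy to false, which is the opposite of what that resource exists for, and it leaves ignore_public_acls and restrict_public_buckets at their provider defaults, so nothing in this file prevents the bucket from later being made world-readable through an ACL or bucket policy. If public exposure is intended for the portfolio site, say so next to the resource, e.g. `# Public access is intentionally allowed: this bucket serves the public portfolio site.`; otherwise set all four arguments to true. The IAM statement further down grants `s3:*` and `s3-object-lambda:*` on the bucket and its objects to a long-lived IAM user access key, which covers administrative actions such as s3:PutBucketPolicy, s3:PutBucketAcl and s3:DeleteBucket, whereas a list of the object-level actions the deployment actually needs (e.g. `actions = ["s3:ListBucket", "s3:GetObject", "s3:PutObject", "s3:DeleteObject"]`) would limit the damage if that key leaks. Note also that aws_iam_access_key stores the secret in Terraform state in plaintext unless pgp_key is set, so the state backend has to be treated as credential storage.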
@@ -0,0 +1,16 @@
+output "access_region" {
+ value = aws_s3_bucket.portfolio_bucket.region
+ description = "This is the region of the bucket."
+}
+
+output "access_id" {
+ value = aws_iam_access_key.portfolio_bucket_key.id
+ description = "This is the access ID to modify the bucket."
+ sensitive = true
+}
+
+output "access_secret" {
+ value = aws_iam_access_key.portfolio_bucket_key.secret
+ description = "This is the access secret to modify the bucket."
+ sensitive = true
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..7a33d76
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,9 @@
+variable "bucket_name" {
+ type = string
+ description = "The name of the bucket to create."
+}
+
+variable "role_name" {
+ type = string
+ description = "The base name for the role to modify the bucket."
+}
\ No newline at end of file
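Review bot: Marking access_id and access_secret as sensitive only redacts them from plan and apply output; both values still sit in plaintext in the state file, so the state backend needs encryption and restricted access, and anyone who can read state or run `terraform output -raw access_secret` obtains a working long-lived credential. A comment on the access_secret output would make that explicit for the next maintainer, e.g. `# sensitive = true hides the value from CLI output; it is still stored unencrypted in state.`, and it is worth revisiting whether the raw secret needs to be an output at all given aws_iam_access_key's pgp_key / encrypted_secret option. The descriptions say "access ID" and "access secret"; "access key ID" and "secret access key" are the AWS terms and would be less ambiguous.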
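Review bot: The description of role_name says it names a role, but main.tf in this same commit uses it as the base name for an IAM user, a policy and an access key, not an IAM role, so a description such as `"Base name for the IAM user and policy that manage the bucket."` would avoid misleading whoever supplies the value. bucket_name has no validation block, so an invalid name (uppercase letters, underscores, wrong length) is rejected only at apply time by the API; a `validation { condition = can(regex("^[a-z0-9.-]{3,63}$", var.bucket_name)) error_message = "Bucket names must be 3-63 lowercase letters, digits, dots or hyphens." }` block would catch it at plan time.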