diff --git a/.github/workflows/deploy-dev.yml b/.github/workflows/deploy-dev.yml
index 6968986..248de2b 100644
--- a/.github/workflows/deploy-dev.yml
+++ b/.github/workflows/deploy-dev.yml
@@ -49,12 +49,12 @@ jobs:
 
       - if: ${{ steps.cache-api.outputs.cache-hit != 'true' }}
         name: Zip application
-        run: zip -r app.zip . -x ".git/*" ".github/*" "infra/" "docker/" "test/"
+        run: zip -r app.zip . -x ".git/*" ".github/*" "infra/*" "docker/*" "test/*"
 
       - if: ${{ steps.cache-api.outputs.cache-hit != 'true' }}
         name: Upload to S3
         run: |
-          FILE_NAME="app-${{ github.sha }}.zip"
+          FILE_NAME="app-$(date +%Y-%m-%d_%H:%M)-${{ github.sha }}.zip"
           aws s3 cp app.zip s3://$CODE_BUCKET/$FILE_NAME
           echo "FILE_NAME=$FILE_NAME" >> $GITHUB_ENV
 
diff --git a/infra/lib/infra-stack.ts b/infra/lib/infra-stack.ts
index a740956..519aad8 100644
--- a/infra/lib/infra-stack.ts
+++ b/infra/lib/infra-stack.ts
@@ -419,6 +419,16 @@ export class InfraStack extends cdk.Stack {
             resources: [codeBucket.bucketArn, `${codeBucket.bucketArn}/*`],
           }),
 
+          // Allow publishing frontend artifacts to the dedicated frontend bucket
+          new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['s3:*'],
+            resources: [
+              frontendBucket.bucketArn,
+              `${frontendBucket.bucketArn}/*`,
+            ],
+          }),
+
           // Allow triggering SSM RunCommand to restart docker on the instance
           new iam.PolicyStatement({
             effect: iam.Effect.ALLOW,
@@ -444,6 +454,13 @@ export class InfraStack extends cdk.Stack {
             actions: ['logs:*'],
             resources: ['*'],
           }),
+
+          // CloudFront permissions
+          new iam.PolicyStatement({
+            effect: iam.Effect.ALLOW,
+            actions: ['cloudfront:CreateInvalidation'],
+            resources: ['*'],
+          }),
         ],
       }),
     );
@@ -482,5 +499,10 @@ export class InfraStack extends cdk.Stack {
       value: frontendBucket.bucketName,
       description: 'S3 bucket for frontend deployment',
     });
+
+    new cdk.CfnOutput(this, 'CloudFrontDistributionId', {
+      value: distribution.distributionId,
+      description: 'CloudFront distribution ID',
+    });
   }
 }
diff --git a/package-lock.json b/package-lock.json
index 8ab441b..ebdc80e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
 {
   "name": "ionicapp",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "ionicapp",
-      "version": "0.0.3",
+      "version": "0.0.4",
       "license": "UNLICENSED",
       "dependencies": {
         "@nestjs/common": "^11.0.1",
diff --git a/package.json b/package.json
index 44db976..467ed3f 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "ionicapp",
-  "version": "0.0.3",
+  "version": "0.0.4",
   "description": "",
   "author": "",
   "private": true,
@@ -122,4 +122,4 @@
       }
     ]
   }
-}
\ No newline at end of file
+}