Cloud Migrations

Owning your infrastructure needs to be your competitive advantage. We'll get you there faster.


@joshduffney For what it's worth, I think the most valuable design patterns I've seen come from @cloudposse. I find Erik and his team are really pushing the design patterns for modules & tooling to solve many of the challenges faced when adopting terraform. #sweetops Waiting on book review 😀

What it looks like...

  • FULLY AUTOMATED

    Our GitOps process enables all engineers to participate without risking instability. By using 100% Infrastructure as Code, developers perform "Operations by Pull Request" so that every change goes through Code Review and CI/CD workflow.

  • REPEATABLE

    100% Infrastructure-as-Code eliminates error-prone manual operations. Reproducible 100% of the time. Spin up as many environments as needed and treat them all the same. Lifecycle Management strategies ensure easy upgrades of all components without major disruptions.

  • BEST PRACTICES

    We deliver a flexible solution capable of supporting any class of application that you might need to run now or in the future. We adhere to the best practices of the AWS Foundations Framework and the CIS Benchmarks for security.

  • HIGHLY AVAILABLE

    Fault-tolerant so that services won't fall over and die if a component fails. Resilient by design, so that services self-heal without human intervention. Scalable to grow with demand both instantaneously and over time as the business grows. Capable of being both scaled-up and scaled-out.

Local Development Environments

Rapidly onboard new developers. Efficiently iterate on features.

Rapid Software Development...

  • REPEATABLE

    Reproducible 100% of the time. Spin up as many environments as needed and treat them all the same.

  • SQUASH BUGS

    Treat everything as "Infrastructure as Code" for more manageable environments. Reduce the human element wherever possible.

  • EASY TO USE

    Developers should be able to get up and running and contribute their first Pull Request on day one.

  • FAST ONBOARDING

    Simple enough that anyone on your team should be able to use it.

Release Engineering

You need a process to reliably release software at any time and without downtime.

Confidence that it works...

  • INTEGRATION TESTING

    Leverage Codefresh, GitHub Actions or other systems like AWS CodeBuild and Jenkins to build and test every commit. Know exactly which commit broke the build every time.

  • CONT. DELIVERY

    Deploy exactly what was tested to any cluster using immutable containers. Identify problems before they get into production. Run identical environments to eliminate headaches.

  • PREVIEW ENVIRONMENTS

    Preview Environments enable any branch or Pull Request to be deployed as a short-lived ephemeral environment. Unlimited environments ensure developers are unblocked to test their changes.

  • FULLY AUTOMATED

    Zero-downtime rolling deployments are accomplished automatically using Kubernetes with Helm. Need a service mesh like Istio? No problem.

Automated Deployments

Continually test every change made to your infrastructure and ensure all systems go. "Operations by Pull Request" ensures that anyone who can open a Pull Request is capable of contributing.

Easy deployments...

  • EASY ROLLOUTS

    Infrastructure as code means it can be tested as code.

  • QUICK ROLLBACKS

    Easy rollbacks when things don't work as expected. Just revert to the previous deployment without bending over backward.

  • ZERO-DOWNTIME

    Zero-downtime rolling deployments are accomplished automatically by Kubernetes.

  • RELIABLE

    Improve overall stability by catching problems early. Treat every problem as an opportunity to eliminate future headaches.

Site Reliability Engineering

Monitor everything that your organization depends on to meet SLAs, which means keeping an eye on both internal and external services.

System-wide overview...

  • DASHBOARDS

    Dashboards provide an overview of everything at a glance and provide the necessary transparency across departments. Get everyone on the same page and working towards the same goals by giving them the insights they need to do it.

  • KEY PERFORMANCE INDICATORS

    KPIs provide the benchmarks for success. They give a concrete indicator when things are working or broken. Alert based on thresholds instead of discrete events. Generate actionable notifications that escalate only when it matters to On-Call Engineers.

  • LOG AGGREGATION

    Monitor internal services for both availability and correctness. Aggregate and report on logs collected from all services across all machines.

  • MONITORING AS CODE

    External services are just as integral to the performance of your product as internal ones. Monitor all dependencies as if they were your own. Escalate before their problems become yours.

Scale Testing

Know your limits...

  • TEST PLAN

    Collect and ship logs somewhere for easy reporting.

  • ESTABLISH BASELINE

    Reporting on logs requires visualization of events because that's the only way to make sense of mounds of data.

  • SIMULATE TRAFFIC

  • OPTIMIZE & REPEAT

    Integrate with monitoring and alerting so that critical events are not lost.

Training and Support

Foster an engineering culture that fuses ops and dev by cross-training engineers to achieve maximum productivity and complete business continuity.

Foster a DevOps culture...

  • CODE REVIEWS

    DevOps involves constant cross-training of engineers to achieve business continuity at the human-level.

  • SCREEN SHARING

    Live pairing with your team via Zoom helps them pick things up quickly. Schedule time easily with any member of our team.

  • SLACK CHANNEL

    Best Practices exist to teach hard lessons more easily.

  • DOCUMENTATION

    Cloud Technologies are evolving at an astonishing rate. Get help staying on top of the latest & greatest tech without getting overwhelmed.

Security & Compliance

Implement a strategy that bakes security into the DNA of the organization and addresses both technological attack vectors and social engineering.

Protect your business...

  • SINGLE SIGN-ON

    Cloud security involves hardening all components, restricting access with SSO/MFA, and having a bird's eye view of everything going on to quickly remediate any incident.

  • PHYSICAL SECURITY

    On-prem security is just as important as cloud security. Protect your intellectual property (IP) from being compromised. Lock down laptops, wifi, and physical access. A company is only as secure as its weakest link.

  • AUDIT TRAILS

    Auditing is the ongoing process of surfacing anomalous events happening across all systems by combing through logs centrally aggregated in systems like Splunk, Sumo Logic or Kibana/Elasticsearch.

  • SECRETS MANAGEMENT

    Secrets management ensures there's a formal process for storing, securing, and rotating passwords and keys. Well designed solutions help ensure your company will not be tomorrow's headline news.

Gap Assessments

Our "Best Practices" exist to teach hard lessons more easily.

Gain the upper hand...

  • CLOUD ARCHITECTURE

    We'll perform a comprehensive 12-factor assessment on your code base.

  • GITHUB

    We'll review your GitHub organization to make sure you're taking maximum advantage of the platform, including a comprehensive security assessment.

  • DOCKER/COMPOSE

    We'll review your Dockerfiles and Docker Compositions to make sure you're making best use of the tools.

  • KUBERNETES

    We'll review your usage of Kubernetes and make recommendations on how to better leverage the platform to your advantage.

Get Price

Other Resources

  • Hundreds of Terraform Modules

    We are the largest provider of high quality, well-maintained, 100% Open Source (APACHE2) Terraform Modules. All modules are tested with terratest. Pull Requests welcome!

  • Dozens of Helm Charts

    What makes them special is we've developed these charts to integrate with third-party services like GitHub for authentication (OAuth2) and Duo for MFA.

  • Dozens of Helmfiles

    Preconfigured release configurations for all essential services for Kubernetes including Prometheus, Grafana, Nginx Ingress, Kube Dashboard, Cloudflare Argo, Fluentd, and much more.

  • Helpful Slack Community

    Join our community, it's FREE! This is the best place to talk shop, ask questions, solicit feedback, and work together as a community to build sweet infrastructure.

  • Badass Documentation

    Here you'll find comprehensive guides and documentation to help you start working with the Cloud Posse technology stack as quickly as possible, as well as support if you get stuck.

  • Free Weekly "Office Hours"

    Every week we hold a conference call via Zoom for our community members to share what they are working on and ask questions.


Frequently Asked Questions


Engagements

Cloud Posse's mission is to help companies own their infrastructure. We accelerate this journey by architecting your 4 layers with you and by taking the lead on the implementation.

Getting Started With Us

We always start with a green-field approach. We'll need your help to make all of the required design decisions that are necessary to build your infrastructure from the ground up. Everything we do is delivered by pull request for your review and we can augment the documentation on anything you want. This approach provides the best opportunity to gain a deep hands-on understanding of our solution.

We encourage you to ask as many questions as you want and challenge our assumptions. You also can volunteer for any task you feel confident in taking on and we'll help you as needed.

When You Own It

When everything is ready for go-live, this is when you lead! We'll help you get everything set up for a smooth transition from your heritage environment to your shiny new infrastructure. At this point, your team has the know-how to operate these platforms in production and we're there for any questions or ad-hoc support that come up. We don't expect teams to pick this up overnight; that's why we'll stay engaged for as long as you need.

Day-2 Operations

After our engagement, you will have all of the skills and tools you need for infrastructure operations (upgrades, patching, incident response, triaging, SRE adding monitors and alerts) as well as security operations (responding to incidents, staying on top of vulnerabilities/CVEs). Staying on top of these things is critical for a successful long-term outcome.

We'll stick around to answer questions and for pair programming sessions for as long as you want us to.

Check out our approach to learn more!

We offer all of our customers ongoing support for as long as they need it. Choose what's right for you.

  • We provide free weekly support via our “Office Hours” webinars every Wednesday at 11:30 am PST. These calls last one hour and we'll answer as many of your questions as we can.
  • We also provide optional support retainers which include a fixed block of hours that go towards maintenance and support. You'll have direct access to our team via a shared Slack channel in addition to the ability to schedule one-on-one calls via Zoom.

We provide entirely optional ongoing support for customers who've gone through our DevOps Accelerator.

By and large, most of our customers take over the day-to-day management of their infrastructure.

We're here though to help out anywhere you need it.

We do not provide 24×7 “on-call” (aka PagerDuty) support.


Absolutely not. You can cancel anytime.


Our typical engagement model begins with a complete platform rollout. This includes roughly 6-8 sprints, each one 1-2 weeks in duration. During this time we set up all AWS accounts with IAM federation, CloudTrail audit logs, a comprehensive release engineering process, total observability with our Site Reliability Engineering (SRE) sprint, Remote Access Management (Teleport and Keycloak), and GitOps Operations by Pull Request.

The first engagement takes roughly 3-4 months to complete. These engagements have extremely well-defined project plans. Ask us and we can show you what that looks like. 

Customers most often decide to keep us on after the initial engagement for follow-up work.


We can easily add additional sprints to a Scope of Work. We just need to agree on what goes into a Sprint, which will determine the number of Sprints required.

We can start as soon as you sign our Statement of Work. Typically we see this process take 2-3 weeks from the first introductory call to the start of our engagement.

Here's the checklist we'll need to complete before we can start.

  • Execute Mutual NDA (ours or yours)
  • Collaborate on Engagement Workbook via Google Docs
  • Execute Statement of Work, and Master Services Agreement
  • Deposit Payment
  • Kick-off!

We can kick off the initial introductory call immediately, so please make sure that you schedule it today.

After talking with you and assessing if we're a proper fit, we'll execute a Mutual NDA and then send over an Engagement Workbook so we can gather all the requirements for your project and estimate the cost.


We work with companies anywhere in the world.

While most of our customers are based in the United States, we've worked with companies in the United Kingdom, Germany, Australia, Hong Kong, India, Argentina, etc. Our team is distributed across the US and Eastern Europe.

  1. Take our quiz to find out if we are a good fit!
  2. Book a discovery call to go over your exact challenges.
  3. If we can help, we'll execute a Mutual NDA (ours or yours), then collaborate with you on our Engagement Workbook using Google Docs.
  4. Once we agree on the general scope, we'll prepare a comprehensive Statement of Work (SOW) detailing the entire project.
  5. Once the Master Services Agreement (MSA) and SOW are executed, we'll send an invoice for the deposit and first Sprint.
  6. Work will commence shortly thereafter.