Are you afraid of the hassle and headache of managing your infrastructure? The Cloud Posse Reference Architecture is here to streamline your operations and help you achieve your goals faster. By jumping on board with us, you'll gain access to a comprehensive ecosystem of Infrastructure as Code that will put you on the fast track to success. Plus, it's all backed by our fanatical support.

Ensures Business Continuity

Your infrastructure is no longer a snowflake. We're your partner who understands everything you have because we built it with you. Cloud Posse is always there to help you out.

Reduces Opportunity Cost

Cut months of engineering time down to weeks. You can begin building and deploying your applications sooner and with greater confidence.

Fixed Implementation Cost

You're not on the hook for unexpected cost overruns and can stay within budget while the project's benefits are ongoing — all for a flat fee.

Long-term & Short-term Cost savings

Our pre-existing infrastructure code is continuously updated which will save you time and resources on development, testing, and maintenance, resulting in significant cost savings over time.

Cloud Posse has the industry's most robust AWS reference architecture for terraform to solve your most challenging problems of compliance and observability. Our blueprints provide you with the plan you need to ensure you have a platform built for scale and we'll guide you along the way so you can make informed decisions. After you graduate from our accelerator, we offer long-term support to help you grow.

Our entire library of infrastructure as code is free. We provide solutions and services to guide companies in implementing it the SweetOpstm way. This is what customers get when they buy our reference architecture.

Our reference architecture for AWS consists of a few parts:

Terraform components are our opinionated terraform “root modules” that leverage our library's terraform modules to implement the most common patterns and architectures that customers request.

This is our repeatable, proven process that we follow every time. It includes our hands-on implementation and is what customers get when they invest in our Jumpstart or Enterprise DevOps Accelerator tracks.

Documentation & Homework is how your team will be able to take ownership. All customers in one of our DevOps Accelerator tracks receive direct access to our continuously updated documentation. We also offer regular workshops for our Customers. Companies investing in our Enterprise DevOps Accelerator track will be assigned homework that we coach you through pairing sessions to implement.

But that's not all. Our open-source components and bug fixes are always up-to-date and available to you, even after our engagement is finished. That means you'll always be plugged into the latest technology and best practices without having to worry about maintenance or updates.

With Cloud Posse, you're not just getting a one-time solution. You're getting a long-term partner who will work with you to build and maintain a top-of-the-line infrastructure that meets your unique needs. So why wait? Take the first step towards a better infrastructure today. Try out the Cloud Posse Reference Architecture and see the results for yourself. With our money-back guarantee, there's nothing to lose and everything to gain.

Get Price

Background Story

In 2015, Cloud Posse took a gamble on the idea that companies could collaborate on infrastructure across corporate boundaries. Today, that gamble has paid off in spades. Our open-source terraform modules are used by thousands of companies every day, and our reference architecture pattern has proven that infrastructure can be built in a reusable manner.

At the heart of our reference architecture is a service catalog of all the essential pieces of infrastructure, from accounts and VPCs to clusters and databases. By using our native terraform modules, businesses can quickly and easily compose everything they need into a well-built architecture that meets their unique needs. And the best part? All of our components are distributed for FREE under the permissive APACHE2 open-source software license.

But while our software is available to everyone, not everyone has the expertise to build a robust infrastructure. That's why we offer paid engagements that follow a proven process to produce consistent results on time and within budget. Our step-by-step documented process, coupled with exclusive documentation that we've developed over 8 years, is the most valuable part of our reference architecture for our paid engagements.

So whether you're a small startup or a large enterprise, Cloud Posse can help you build the infrastructure you need to succeed. Try out our reference architecture pattern today and see the results for yourself.

Get Price

Architecture Overview

At Cloud Posse, we have a very prescriptive approach to implementing architectures on AWS. We believe that a well-built infrastructure is the foundation of any successful business, and we're committed to helping you build a solid foundation that meets your specific business requirements.

  • Improves reliability: Infrastructure code used by multiple organizations is more reliable and stable, as any issues or bugs are identified and addressed more quickly.
  • Increases agility: Continuously updated infrastructure code helps organizations stay agile and adapt quickly to changing business needs. Plus, you will be able to manage everything, solving the immediate problem and creating an internal capability for handling future problems.
  • Competitive advantage: by ownership of your platform, you are in control of your destiny. You can customize the infrastructure to meet their specific business needs. Plus, leverage the collective knowledge and expertise of our community to stay ahead of emerging trends and best practices. 

While our approach is prescriptive, we understand that some “last mile” customizations will likely be needed to suit your use cases. We'll do our best to accommodate them and work with you until those needs are met, ensuring that your infrastructure meets your specific business requirements.

Get Price


Our approach consists of four layers that work together to establish your foundation, built from the bottom up to support your specific business requirements. Think of it as buying and tailoring a suit based on your specific needs. Each layer implements a foundation for your team to build on top of, providing a solid platform for your business to grow.

We call these layers the “pillars” of well-built infrastructure, and they're inspired by the AWS Well-Architected framework[1] Unlike the framework, however, we provide the services to implement these pillars with Terraform, ensuring that your infrastructure is built using the latest technologies and best practices.

Here are our five pillars of well-built infrastructure.

Your foundational infrastructure consists of everything related to your AWS organization such as organizational units and Cloud Trails, IAM architecture, DNS architecture, and all the way up to the VPC and the associated VPC architecture. Everything is built with multi-region and multi-tenancy in mind since many of our customers serve enterprise businesses with complex regulatory requirements that require account-level isolation.

As part of this, we set up your Geodesic toolbox and initial Atmos configuration.

Your foundational platform is how you consistently deliver your applications. We support two popular options, including Kubernetes using EKS and ECS. As part of this pillar, we deploy all the backing services required by the platform. For Kubernetes, these are services like the amazon-load-balancer-controller, cert-manager, external-dns and more. For ECS, we'll typically provision public and private ECS clusters along with a public and private ALB and API Gateway.

Release Engineering is how teams build and release their software. It's arguably the most crucial part of the entire process because it's how the business can deliver software faster and more reliably to its customers. We can deliver multiple CI and CD patterns with a solid foundation and platform. Leveraging GitHub Actions we develop patterns for application archetypes (e.g. Dockerized Microservices, Single Page Applications, Application Libraries, Executables, etc). Then help roll those out by leveraging tools like cookiecutter to make it very easy to onboard new applications.

The foundation of Site Reliability Engineering (SRE) is implementing an architecture that supports observability, alerting, and incident management. As part of this process, we implement a comprehensive incident management architecture leveraging Datadog and OpsGenie, managed entirely with Terraform.

Our approach to security and compliance at a high level is very simple. We provision all the AWS security-oriented products that enable continuous checks for compliance such as SecurityHub, GuardDuty, Inspector, and Macie. Then deploy the guardrails to ensure you're services are running securely. We work with your team to remediate all the issues raised and satisfy the auditors by deploying Audit Manager for evidence collection.

Professional Services & Ongoing Support

Once your company has graduated from our “DevOps Accelerator” tracks, we aim to see you succeed. We recognize that not all teams will learn at the same speed or have the time to commit to owning their day-to-day operations the minute we finish.

That's why we offer ongoing support for as long as you need our help.

Get Price

At Cloud Posse, we're committed to helping you build a solid foundation that meets your specific business requirements, enabling you to focus on what really matters: your core business. Contact us today to learn more about how our five pillars of well-built infrastructure can benefit your business.

Frequently Asked Questions


We charge a fraction of what it costs to do it in-house and deliver it in half the time or faster. Check out our calculator just to see how much it can cost to build your own cloud infrastructure. Make sure you review some of the risks of doing it yourself.

 We practice “agile” development. We charge a flat fee per sprint but allow for scope changes (which are billed separately) at customer request. A typical engagement consists of 8-10 sprints that are 2 weeks (80 hours) in duration.

Get Price

We can start as soon as you sign our Statement of Work. Typically we see this process take 2-3 weeks from the first introductory call to the start of our engagement

Here's our checklist we'll need to complete before we can start.

  • Execute Mutual NDA (ours or yours)
  • Collaborate on Engagement Workbook via Google Docs
  • Execute Statement of Work, and Master Services Agreement
  • Deposit Payment
  • Kick-off!

We can kick off the initial introductory call immediately, so please make sure that you schedule it today

After talking with you and assessing if we're a proper fit, we'll execute a Mutual NDA and then send over an Engagement Workbook so we can gather all the requirements for your project and estimate the cost.

Get Price

We believe in total transparency.

For this reason, you can expect no hidden fees from us.

IMPORTANT: Depending on the features you want to be implemented, certain third-party software subscriptions may be required (SaaS).

We do not include these costs in our contract because they are negotiated between your company and the vendor. Sometimes you may qualify for “startup” pricing.

Examples include:

  • AWS
  • Datadog
  • NewRelic
  • Sumologic
  • Splunk
  • Codefresh
  • Teleport
  • Kubecost
  • Mailgun
  • PagerDuty
  • Pingdom
Get Price

Anyone is free to fork our repositories and try themselves, but our support eliminates the guesswork and shortens the time it takes to implement correctly.

Think of it like this: anyone can walk into a hardware store and pick up the materials to build a house. Very few people can build a house that won't fall down if they don't have the experience of using all the tools and hardware correctly. We fill the gap by providing the knowledge and experience to get you where you want to be faster than doing it yourself.

Get Price

Of course! We can't wait to show you what it can do.

Book your appointment today.

Get Price

Yes, we've worked with enterprises like Globe Life (Fortune 500), Checkatrade, and

Get Price

Cloud Posse's typical engagement is for greenfield projects.

The typical duration of our initial rollout is 3-4 months, broken down into 2-week sprints. Each sprint is focused on specific deliverables that are summarized in this list:

The whole package is recommended but not every item on this list is required to be delivered in every engagement, this is per-customer requirements. We work with your team to help them own the solution we build together once the engagement winds down, but we're always here to help!

Community support is available through our internal and public Slack communities ( and our public Office Hours are available every Wednesday at 11:30 AM Pacific Time, you can also listen to previous sessions on our podcast or on our YouTube channel.

After an engagement ends, we offer optional ongoing support, and starting new projects is always an option as well

Get Price

Our experience ensures you reach your goals in record time. Time is money. Salaries are by far the biggest cost for most startups. Think about how much you would pay to do this in-house and combine that with how long it will take you. During that time, your teams will be blocked or at the very least slowed down. Plus, you don't even have a predictable outcome. You can easily quantify this as your opportunity cost.

Our solution will pay for itself. You get a predictable solution delivered in record time for a fair price. Your engineers will be unblocked sooner and you'll be able to move faster.

Make sure you include all costs associated with your project.

  • What is the cost of recruiting your team?
  • What is your team’s fully-loaded cost? 
  • How long will it take to build and train the team?
  • Will they stick around long enough to see the project through?
  • What happens when everyone goes on holiday or takes a vacation?
  • Will you have enough work for them when the project is over?

Our total project costs predictable. You'll know upfront what to expect and there are no surprises.

Get Price

It depends. Your best bet is to schedule a discovery call with us so we can go over your specific concerns. Assuming your software runs on Linux and that you're able to make any necessary code changes to ensure your applications are “12 Factor App” compliant, there's a very high likelihood we'll be able to help you out.

Get Price

We have a very specific mission, which means we may not be a good fit for all companies.

  1. Companies who are too small (1-2 engineers) may struggle with the upkeep of managing their own infrastructure.
  2. Companies who do not commit any in-house resources to learn the new software stack will have a tough time (you own it after all!)
  3. Companies who prefer to use different tools than we prescribe may run into integration challenges (we recommend what we know works)

If any of these sound familiar, please discuss with us before proceeding.

Here are some additional resources you can review:

  1. Our GitHub is where we publish over 140 terraform modules we've written and open-sourced under the Apache 2 software license. Our repos see over 11K unique visitors every single day and have over 5000 stars. We receive dozens of Pull Requests every week.
  2. Our Reviews are glowing both from our customers and from our community.
  3. Our Community will tell you how much we've helped them. You can scan through all of our archives to see what they say.
  4. Our YouTube Channel showcases many of our presentations and webinars
  5. Our Office Hours Recordings demonstrate our depth of knowledge and commitment to help others.
  6. Our Service Catalog is what lets us rapidly deploy the applications you see in our demos and is regularly updated.
  7. Our Work is Cited all over the place.
Get Price

What’s it costing your business if you wait?

The longer you wait, the more time & effort you'll waste on maintenance rather than innovation. The more tech debt you'll amass. The more opportunities you'll miss.

Your developers will be less productive, which means you'll be paying more while getting less done in return.

The sooner you streamline your operations the faster you will move:

  1. Reduce your opportunity cost and capitalize on the investment sooner
  2. Release more features to customers faster
  3. Control operating costs to do more for less

Not to mention, your developers will love you for making their lives easier. The last thing developers want is to do things by hand.

Get Price

When you hire Cloud Posse, you're buying an outcome that few others can provide. What a company is really buying from Cloud Posse is an end-to-end solution that includes time for implementation and integration. This is a solution that has cost our customers millions of dollars to implement and we are selling for a tiny fraction of the cost to implement it in-house.

We are not a traditional “DevOps as a Service” company that only does the grunt work; we provide thought leadership combined with expert execution and implementation. We have chosen to use an “Open Source” licensing model to simplify the software distribution because we provide 10x the value in our implementation. 

During the course of our engagement, our customers have direct access to our team with tremendous experience in cloud architecture & implementation. Companies hire us to implement in a span of only 3-4 months would take even the most senior experienced team DevOps engineers years to develop, which makes our offering insanely affordable by comparison.  By partnering with Cloud Posse, you're sparing all the hard “lessons learned” to achieve a greater outcome in a shorter amount of time with less risk.

You will find the industry-standard rate for experienced independent contractors/freelancers is around $150-250/hr. Note, when you hire freelancers they don't bring to the table the unparalleled library of code and experience that you get when you partner with Cloud Posse. We put our best foot forward on GitHub so you see exactly what you’re getting. Plus, freelancers and employees cannot offer business continuity, which leaves your company with no one to turn to when/if they leave or go on vacation. While a company might shave off a little bit on the hourly rate by going with an independent contractor, it's several orders of magnitude more expensive to implement a custom solution that is remotely comparable to what we offer; that solution will have greater uncertainty and result in greater risk for your business. 


Get Price
  • Gruntwork doesn't provide open access to all their modules, they are a subscription service. Cloud Posse open sources everything.
  • All of our code is in GitHub and can be forked and used with no concerns about licensing issues (APACHE2).
  • Gruntwork's Reference Architecture requires Terragrunt
  • Gruntwork is not a consulting company. They do not help with hands-on implementation. That's left up to you.
  • We provide a comprehensive project plan consisting of hundreds of implementation tasks and design decisions that we execute together with your team.
  • Our Slack community is free for anyone to join, not just paying customers.
  • Because our work is Open Source, there's a lower barrier to getting started. That's why it's in use by thousands and thousands of companies. We receive dozens of Pull Requests every week enhancing our modules and fixing bugs.
Get Price

Our goal is not to sell you on a solution that you don’t need or one that will frankly be overkill for you. We've worked with several customers that were pre-product and helped them launch successfully. What's important is that owning your infrastructure needs to be a competitive advantage. We work best with companies that have some experience running their apps in containers, using AWS in some capacity, companies that flexible in adopting the open-source tools we deliver as part of our solution.

Your best bet is to schedule a discovery call and we'll quickly assess if we're a good fit for your company.

Get Price

Unfortunately, we're not able to take on small engagements. You can, however, join us every single week for 100% free “Office Hours”—where we seek to answer your questions. Just register for an invitation.

We hold our “Office Hours” every Wednesday at 11:30 am PT via Zoom. We're typically 30+ people on the call and all skill levels are welcome.

Checkout our past recordings on YouTube or subscribe to our Podcast.

Get Price

We work with companies who need to own their infrastructure as their competitive advantage.

Our customers are typically post-Series A technology startups who are seeing success in the market and need to accelerate their DevOps adoption in order to take their company to the next level.

They are backed by some of the biggest names in the industry and are solving really difficult problems with technology.

Get Price

Can you help me understand where the boundaries of CloudPosse's responsibilities end, and where ours would start? 

Cloud Posse's mission is to help companies own their infrastructure. We accelerate this journey by architecting your 4 layers with you and by taking the lead on the implementation. Since we have an opinionated framework, customers will need to learn how to leverage everything for their use cases. This will sometimes mean altering how you build and deploy your services.

Getting Started With Us

We always prefer to start with a green-field approach, where we build your infrastructure from the ground up together with your team. As part of our process, we'll walk you through all of the required design decisions, ensuring you have sufficient context to make informed decisions. This is why we expect our customers to have someone on their engineering team invested in the outcome. This part is absolutely critical, as it ensures what we deliver suits your business needs. Everything we do is delivered by pull request for your review and we will happily provide documentation on anything you want. Along the way, we'll assign homework exercises and provide ample documentation. This approach provides the best opportunity to gain a deep hands-on understanding of our solution.

We encourage you to ask as many questions as you want and challenge our assumptions. You also can volunteer for any task you want to take on as “homework” and we'll help you out as needed.

When You Own It

Once our job is done, this is where you take the driver's seat. We'll help you get everything set up for a smooth transition from your heritage environment to your shiny new infrastructure. Rest assured that we'll stick around until your team is confident and has the know-how to operate these platforms in production. We don't expect teams to pick this up overnight, that's why we'll stay engaged for as long as you need. We're happy to answer questions and jump on Zoom for pair programming sessions.

Day-2 Operations

After our engagement, you will have a solid foundation powering your apps, and all the tools you need for infrastructure operations. This means your team is responsible for the ongoing maintenance, including upgrades (e.g. EKS clusters, and all open-source software), patching systems, incident response, triaging, SRE (e.g. adding monitors and alerts), as well as security operations (responding to incidents, staying on top of vulnerabilities/ CVEs). Cloud Posse is continuously updating its Open Source module ecosystem, but it's your responsibility to regularly update your infrastructure. Staying on top of these things is critical for a successful long-term outcome, with minimal technical debt.

For companies that want to focus more on their business and less on maintenance, we provide ongoing support engagements exclusively for customers that have completed our accelerator.

Check out our approach to learn more!

Get Price


If you're interested in keeping us around after you're finished with our DevOps Accelerator program, we suggest a quarterly retainer that covers 3 months (120+ hours) that will enable us to continue to consult and support you.

This would include:

  • Slack support via shared channels
  • Zoom pair programming sessions
  • Project management with direct Jira access
  • Weekly status check-ins (for 120+ hour retainers)

Typical tasks include:

  • Patch and update services (e.g. kubernetes and associated services)
  • Keep infrastructure code current (terraform modules, helm charts)
  • Support major version upgrades of Helm and Terraform
  • Implement new infrastructure components, monitors, or environments
  • Assist with triaging incidents and remediations
  • Optimize performance and cloud spend


How we use the retainer is entirely up to you. We'll suggest tasks as they come up and add them to the backlog. We'll prioritize the work together with you on our check-in calls.

Tasks (and projects) are typically assessed by how much time we want to invest in them. We are happy to collaborate with you to help figure out the best use of our time, but we generally don't guarantee estimates and deadlines as part of ongoing support. This is why we recommend instead to timebox requests, that way you can stay informed if something takes longer than you had expected. It also gives the engineer(s) the ability to quickly communicate if the requested task is going to take shorter or longer than expected.


Our standard quarterly retainer size is 120 hours. You can expect to be provided with detailed billing reports and have direct communication with us every step of the way. We invoice retainers in advance of services under Net-30 terms. Additional retainers can be purchased at any time with written approval. In other words, any time you want to guarantee more bandwidth with us, all we need is an email approval.

Get Price

We offer service credits (hours) discount for customers participating in a successful, published case study. Here's how it works:

  1. Obtain provisional approval for conducting a case study.
  2. Interview stakeholders involved in the project.
  3. Prepare a private case study published on our site (password protected).
  4. Submit case study for approval. Make any required changes.
  5. Publish the case study.

You might be wondering if you can expect to come out the other end of our accelerator with a team ready and able to take over day-to-day operations and migrate additional products into this stack using Cloud Pose's modules.

TL;DR: Yes! But there's homework involved.

When you work with Cloud Posse, it's more of a “delivery” model of engagement in the sense we're doing 95% of the work, in your repo, from day one – one pull request at a time. Our strategy of handoff is helping your team pick up the ropes by assisting them with self-prescribed homework assignments. We do not at this time have any formal curriculum for training, since every team has different needs. What we provide is a standard set of documentation, architectural diagrams, and office hours. We will also document any requested processes or systems as general support. Cloud Posse does not provide Staff Augmentation or Training arrangements.

Think of it more like this… while we're engaged and building out your platform, your team has full access to ask us anything. They can follow along in GitHub, review pulls requests, ask for demos, etc. We'll jump on the phone anytime to help triage, pair program, research, or prototype anything else they want. The most successful teams take advantage of this opportunity early on in the engagement. Those are the teams that are ready to migrate additional products.

Case in point: we have a customer that after 3 weeks of working with us took the initiative and used our Datadog component and migrated all their existing legacy Datadog monitors into terraform. The way we found out was they tagged us on the pull request. That's rad. After multiple reviews and comments, the PR got merged and they're well on their way.

When we're done building everything out, we'll stick around for as long as you need our help – but that's optional. Most customers keep us around for some time afterward until their team feels fully confident operating everything. Also, what we frequently see happen is that teams decide to expand the scope and tack on additional services in their catalog (E.g. EMR, RedShift, StrongDM, etc are examples of this)

Get Price