Cloud & Infrastructure
AWS architecture, K8s, Terraform. From greenfield to rescue.
- AWS · GCP architecture
- EKS · k3s · Helm
- Terraform · Terragrunt · Ansible
- Cost optimization (20–30%)
- Multi-region failover
us-remote · accepting q2 engagements
Cloud infrastructure,
automation,
and websites.
A technical studio doing cloud architecture, internal tooling, and web builds - scoped, executed, and operated under one roof.
- years prod infra12+rackspace → enterprise → studio
- aws monthly savings↓ avg client20–30%reserved · rightsize · anomaly
- incidents handled400+on-call across 4 prod surfaces
- soc 2 audits passed3type ii controls, end-to-end
02 - services
Three intake lanes. One studio.
lane_01 lane_02 Web Design & Development
Next.js + edge-rendered. Marketing sites and small SaaS.
- Next.js App Router
- Cloudflare Workers · Vercel
- Supabase + Drizzle
- Stripe billing
- Tailwind + shadcn/ui
lane_03 Automation & Tooling
CLIs, agents, scrapers. The internal tools that compound.
- CLIs (Rust · Go · Python)
- AI/agent workflows
- Browser extensions
- Headless automation
- Data pipelines
03 - selected work
What got shipped.
Anonymized. Numbers are real.
- cloud · costseed-stage saas · 2025
Cut a runaway AWS bill by 28% in 6 weeks - without touching app code.
Series-A SaaS hemorrhaging $42k/mo. Inherited from a contractor who'd over-provisioned EKS, left zero RIs, and shipped no anomaly detection. Standard rightsizing + reserved-instance ladder + Compute Optimizer + per-team cost allocation.
- SAVINGS / MO
- $11,760
- TIME TO PAYBACK
- 5 weeks
- CODE CHANGES
- 0
aws spend · 12 wk↓ 28%wk 01 · $42.0kwk 12 · $30.1k - reliabilityCrypto infra · 2024
Multi-region archive-node stack with auto-failover
Built dual-region read-replica topology with health-check-driven traffic shift. Zero-downtime upgrades via blue-green node swaps.
- UPTIME
- 99.98%
- FAILOVER
- <8s
- complianceFintech SMB · 2023→24
SOC 2 Type II controls - full evidence trail
IAM lockdown, vulnerability scanning, audit logging, continuous monitoring. Auditor walked away clean on first review cycle.
- AUDIT
- PASS
- FINDINGS
- 0
- platformB2B platform · 2024
Terraform rescue - IaC from a 200-resource console mess
Inventoried existing AWS console-managed resources, imported into Terragrunt, set up drift detection in CI. Reproducible from scratch.
- IMPORTED
- 218
- DRIFT
- 0
- observabilitySeries-B SaaS · 2025
Grafana + Prom + Loki + OTel + PagerDuty in 9 days
End-to-end observability stack from zero. Service-level SLOs, error budgets, on-call rotations, and runbooks linked from every alert.
- MTTR
- ↓64%
- DASHBOARDS
- 14
04 - engagement models
Productized scopes. No hourly surprises.
- 7 days
Ops Baseline
- CI/CD pipeline
- IaC seed
- Monitoring stack
- Runbooks
fixed - 2–4 wks
Cloud Hardening
- Security audit
- IAM lockdown
- SOC 2 evidence
- Audit report
fixed - 2–4 wks
Site Build
- Next.js + edge
- Stripe billing
- Auth + DB
- Deploy pipeline
fixed - Ongoing
Platform Retainer
- Embedded DevOps
- On-call escalation
- Monthly review
- Capacity planning
monthly - Scoped on call
Custom Project
- Discovery sprint
- Written proposal
- Fixed deliverables
- Handoff docs
quote
05 - stack
The toolchain in production rotation
- AWS
- GCP
- Azure
- Kubernetes
- EKS
- k3s
- Helm
- Terraform
- Terragrunt
- Ansible
- Docker
- GitHub Actions
- Jenkins
- CodeDeploy
- Grafana
- Prometheus
- Loki
- OpenTelemetry
- PagerDuty
- Next.js
- Cloudflare
- Vercel
- Supabase
- Drizzle
- Stripe
- Tailwind
- shadcn/ui
- Rust
- Go
- Python
- Bash
- TypeScript
$ bhl tell-me-whats-broken
Tell us what's broken.
We'll tell you what we'd do about it.
30-minute call. No pitch, no slides. A diagnostic, on the house.