Substrate from Source & Binary

By Richard Crowley

In 2020, I quietly opened a little consulting practice I called Source & Binary to build secure, reliable, and compliant infrastructure with small companies. I’ve helped a number of small companies with everything from architecture reviews to bring-your-own-AWS-account SaaS products.

From the outset, I have been working on tools that helped me be a better consultant. There are some parts of AWS that I believe you just have to get right. I wanted to bring tools with me into every engagement that got those things really right, really quickly, leaving me more time to learn about my client’s business, identify their actual problems, and design solutions that would really work. I named the tools, collectively, Substrate.

Your eyebrow is probably still raised by the statement above about a “right” way to use AWS. I stand by it. Every company should integrate AWS with their identity provider. Every company should be using multiple AWS accounts. Everyone with multiple AWS accounts should be stitching them back together using shared VPCs. Everyone should be using Terraform.

See? I didn’t say everyone should be using Kubernetes. I didn’t even say no one should be using Kubernetes. That one’s situational. So are most technology choices. Multi-region strategy can’t be set without business context. I made time for these technology discussions by bringing Substrate with me into every engagement.

Today, I’m pleased to announce a shift in focus away from client engagements towards customer relationships. Fully half of the companies using Substrate never engaged me for any kind of engineering work. They just heard about Substrate and recognized the value it would provide them. I think there are countless more companies that would benefit greatly by adopting Substrate.

Substrate helps you build and manage secure, reliable, and compliant cloud infrastructure in AWS. It delivers security through integration with your identity provider so that your employees never, ever need to have long-lived AWS access keys. It delivers reliability by creating separation between environments and services so you can incrementally deploy anything, even AWS resources. It delivers compliance by giving you a grown-up AWS organization and then mapping it into the SOC 2 control criteria.

The most common concern folks have when we’re talking about adopting Substrate is that it’s too early — that they’re not going to need it for a while or, worse, that it’s going to slow them down so much that their business doesn’t survive long enough to need it. That’s why Substrate is a suite of tools and why I’ve paid such attention to ergonomics. That’s why Substrate combines multiple AWS accounts (to create separation between services) with shared VPCs (to streamline inter-service communication without you having to do a bunch of CIDR math). Lumping development, production, every service, and all the data you’re storing haphazardly into one or two AWS accounts is technical debt that’s not worth taking on because, to carry the metaphor too far, the interest rate is unbearable.

There’s a galaxy of tooling in and around AWS these days. Hundreds of AWS services. Dozens of exciting and novel takes on platform-as-a-service. Hundreds of open-source projects. They’re puzzle pieces. And they might not even be from the same box. Substrate is the first few rows of the puzzle, assembled, ready to go. Watch the short demo video or email to learn more.