Blueprints
June 8

How to build a secure and scalable self-service infrastructure platform

In this talk I’ll explain how Pomelo built its self-service infrastructure platform, the tools we used, and how to create a scalable, secured, cost-effective and easy-to-maintain infrastructure platform.
Talk abstract

As a high-growth startup, we decided to build a self-service infrastructure platform that allows Pomelo developers to create and configure their app infrastructure without our intervention.

To build the platform we used AWS Cloudformation, AWS Service Catalog, and Argo Workflows. We created 30 products that help make Pomelo developer jobs easier and faster. I’ll explain the tools available from Cloudformation, why we used Service Catalog, how we configured developer access and permissions on AWS, and what we use Argo Workflows for. 

Maintaining security from the beginning was very important. I’ll also explain how we define network settings and permissions so our platform is secure and PCI-compliant. Pomelo infrastructure resources are only accessible at the permissions and networking level by the apps that should have access. In addition, data encryption is a setting that we enforce by default in the necessary environments.

My talk will cover:

  • What tools we used to build the platform
  • Advice on resource configurations
  • Security and networking keys that we took into account as a PCI-compliant company

Gustavo Adrian Gimenez
Staff Engineer, Pomelo

Related talks

Blueprints
June 9
Demystifying the hybrid multicloud landing zone
While cloud providers have individuated designs to create landing zones within their respective environments, there is little available guidance on creating modern enterprise hybrid multicloud landing zones. This lack of informed guidance with clear design goals and architectural reasoning results in duplication and reinvention as opposed to increasing learning and enhancing rigor.
Naveen Purushothaman
Chief Architect - Platform Engineering Services, IBM
sponsored
Blueprints
June 8
Build golden paths for day 50, not for day 1!
When most people think about creating golden paths, they think about the simple scaffolding use case of a new service or resource. However, this leaves out the remaining 99% of golden paths you can and should design for your developers. Here’s how to design sustainable golden paths that help both developers and platform engineers.
Kaspar von Grünberg
CEO, Humanitec
sponsored
Blueprints
June 8
Build abstractions, not illusions
The tech we have today is amazing, but it can also be complex. This talk reflects on two decades of building complex distributed systems, highlighting where abstractions helped and where illusions led to major disappointments.
Gregor Hohpe
Author Cloud Strategy
sponsored
Blueprints
June 9
7 platform engineering blueprints that can save the day for developer teams
Software engineers have discovered many patterns, good practices, and useful approaches to solve problems and provide quality and security for applications. Platform engineers are now doing the same in cloud native.
Giulio Roggero
Co-Founder & CTO, Mia-Platform
sponsored