AWS solutions tailored to your SaaS needs

AWS infrastructure & DevOps to scale your SaaS business

5/5 rating on AWS IQ

10+ AWS certificates

€200K+ annual cloud savings realized

Our specialized AWS solutions

We’ve helped plenty of SaaS startups and scaleups develop reliable infrastructure.

AWS Cost

We analyze and identify AWS cost savings opportunities, extending your runway. When implemented, you pay 25% of the actual yearly savings achieved - no found savings means no fee.

AWS Migration

Transform your infrastructure without disrupting business. We manage the entire AWS migration while your team stays focused on your product. Includes architecture design, execution, and validation.

AWS Operations

Keep full control of your AWS account while we handle the rest. Includes round-the-clock monitoring, security management, and performance optimization aligned with your growth targets.

Expand your cloud potential

Cloud Specialists

As cloud specialists, our Expert AWS Consultants deliver specialized SaaS solutions on Amazon Web Services. What sets us apart? Every engineer on our team holds both AWS Solutions Architect Professional and AWS DevOps Engineer Professional certifications – the highest level of expertise AWS offers.

At ElasticScale, we transform complex cloud transitions into clear, manageable steps. Our dedicated team provides personalized attention to your unique challenges, whether you're starting fresh or optimizing existing infrastructure. By choosing a boutique partner, you get direct access to senior expertise.

Advantages of working with us

€200K in yearly cloud savings realized since Nov' 24
Specialized in fast growing B2B SaaS
Direct access to AWS experts

Bas Krijgsman, CEO @ LetsGetDigital

"I'm very positive about our choice of ES Foundation. The quality is excellent, and as a full-service platform for our digital infrastructure, the product and associated services actually do even more than promised. We've really made a significant leap forward in the quality of our infrastructure."

Build on a Solid Foundation

Your SaaS on infrastructure you can trust

ES Foundation is our AWS-based Platform as a Service designed to simplify cloud management for SaaS companies. It provides enterprise-quality modules that are secure by default, rigorously tested nightly, and ready to scale with your business.

With ES Foundation, your developers can focus on delivering features while we handle the heavy lifting of infrastructure management. Whether you’re deploying new applications or optimizing existing setups, our platform ensures seamless, reliable operations.

Advantages of ES Foundation

Benefit from 3000+ hours of DevOps work
No vendor lock-in with ElasticScale
Enterprise quality AWS modules

Platform as a Service for AWS to accelerate development for B2B saas companies

Giancarlo Ercolin, Founder @ AIMaidHelp

"I needed a DevOps to build our IT infrastructure and migrate to AWS, and I found more than that. Alex did a great job, not only in building the environments, but also in advising our development team to successfully migrate our application. I have no hesitation in recommending him and his company for their expertise."

Case studies

These companies already opted for ES Foundation and accelerated their growth.

Case study

Lets Get Digital Case Study

Here's how ElasticScale improved the infrastructure quality for Lets Get Digital without increasing costs.

Reduced costs

60% lower costs

Serverless architecture

No patching required

Case study

Dataswitcher Case Study

ElasticScale implemented ES Foundation at Dataswitcher to improve scalability around peak conversions.

Faster conversions

5x faster

Improved performance

40% latency reduction

Case study

AI Maid Help Case Study

Here's how ElasticScale improved the infrastructure quality for AI Maid Help without increasing costs.

Reduced costs

80% cost reduction

Faster development

Due to Dockerization

Why ElasticScale Stands Out for SaaS

Compare our expert AWS consultancy proposition with the common challenges of traditional providers.

Benefit	Competitors	ElasticScale
Direct access to experts	❌ Often use juniors or non-specialists, varying quality.	Certified AWS specialists working directly with you.
SaaS-specific focus	❌ Generalized, not SaaS-focused.	Tailored for B2B SaaS with small dev teams.
Cost optimization	❌ No guarantees or clear savings.	"No cure, no pay" with measurable savings.
Reliable migrations	❌ Risk of downtime or mismanaged moves.	Zero-downtime strategies for seamless transitions.
Standardized solutions	❌ Custom setups often lack consistency.	Efficient, repeatable results via ES Foundation.
Flexibility and control	❌ Limited flexibility, often fully outsourced.	You retain control with proactive management.

In depth articles about AWS

The information you need so you can move forward, faster.

Abstracting Away from Object Storage Like S3 is Always a Good Idea

Abstracting away from object storage like S3 makes your development process more flexible, testable, and environment-agnostic.

Amazon Chime is Stopping—Here’s Why and What to Use Instead

Amazon is shutting down Amazon Chime, but the decision isn’t random—let’s explore why and which alternatives best match its functionality.

Amazon Cognito vs. Auth0: Why Cognito is a Nightmare

Choosing between Amazon Cognito and Auth0 for authentication? One is cheap but frustrating, the other is powerful but expensive—so which one actually works?

Amazon Q is not helpful at all

Amazon Q is supposed to be the next big thing in AWS AI assistance, but instead, it often leaves users frustrated. From hallucinating incorrect responses to failing basic troubleshooting, Amazon Q pro ...

Apache Cassandra vs Amazon DynamoDB: Performance, Pricing, and Best Practices

Choosing between Apache Cassandra and Amazon DynamoDB? Focus less on the underlying tech and more on schema design, load testing, and tracing metrics for optimal NoSQL performance.

Atlassian Does It Again: The Death of OpsGenie

Atlassian is shutting down OpsGenie, but the real question is: why were you using an Atlassian product to begin with?

Automatically scaling AWS Fargate tasks vertically

When you define a task definition with Fargate you must set the memory and CPU usage of the tasks (and optionally the individual containers) before starting the tasks.

Autoscale ECS with SQS Queue: Why Target Tracking Beats Step Scaling

Scaling Amazon ECS with SQS queues is crucial for handling fluctuating workloads, but most engineers mistakenly use step scaling, leading to inefficiencies like thrashing. A target tracking policy wit ...

AWS API Call via CloudTrail EventBridge events not firing in AWS

This article discusses why AWS API Call via CloudTrail EventBridge events not firing in AWS and what to do. Do you have any further questions after reading this article? If so, please contact me.

AWS Client VPN Alternatives: Why You Should Look Elsewhere

AWS Client VPN is expensive and often overkill—there are better alternatives that cost a fraction of the price.

AWS CodeDeploy Deep Dive: The Good, The Bad, and The Ugly

AWS CodeDeploy promises seamless deployments, but in reality, it introduces challenges that can lead to unexpected headaches.

AWS EventBridge cron expressions are weird

They have some specifics to them that are unexpected if you have been working with regular crontabs for some time.

AWS Fargate Spot: Cost optimization with managed container workloads

Using AWS Fargate Spot instances is a great way to save costs but there are some pitfalls you need to be aware of.

AWS Global Accelerator vs Cloudflare: When to Use Which?

Choosing between AWS Global Accelerator and Cloudflare depends on whether you need seamless global routing for AWS services or a more feature-rich edge network with caching and security.

AWS Lambda SnapStart: Reducing Cold Start Times with Firecracker

Unlock lightning-fast AWS Lambda performance with SnapStart, leveraging Firecracker microVMs to slash cold start times.

AWS SES Best Practices: Increase Sending Limits & Improve Deliverability

Master AWS SES best practices to scale your sending limits quickly and ensure high email deliverability.

AWS whoAMI Attack: When One Misconfiguration Hands Over Your Cloud

A single missing owner filter in your AWS EC2 AMI selection can let attackers hijack your infrastructure. Here’s how the whoAMI attack works and how to secure your cloud.

Best Practices for Secrets Management in ECS Fargate at Scale

Managing secrets in ECS Fargate can quickly become a bottleneck if you don’t choose the right approach from the start.

Building Efficient AWS Multi-Tenant SaaS Architectures

Architecting AWS multi-tenant environments requires balancing cost efficiency and security while ensuring seamless scalability.

Chatgpt score on the solution architect professional exam

How does ChatGPT do on the Solutions Architect Professional exam? The Solutions Architect Professional certification one of the hardest IT certifications you can get. It requires deep and broad knowle ...

Cloudflare WAF vs. AWS WAF: Why Cloudflare is the Better Choice

Compare Cloudflare WAF and AWS WAF to discover why Cloudflare stands out as the superior choice for web application security. Explore key differences in security, ease of use, pricing, and built-in fe ...

CloudFormation vs Terraform: Why AWS’ Native IaC Falls Behind

Is CloudFormation holding you back? Engineers have long debated whether AWS' native IaC tool is even worth using. Let's break down its biggest flaws and why Terraform (with the right tooling) is the b ...

Combining Security Groups IP ranges with Cloudflare

Combining AWS Security Groups IP whitelisting with Cloudflare is problematic because Cloudflare forwards it's own IP instead of the users

Combining Step Scaling and Target Tracking in ECS Fargate for Optimal Scaling

By combining step scaling and target tracking, you can achieve faster, more responsive scaling while still maintaining steady-state efficiency. Here, we’ll explore the benefits of this hybrid approach ...

Cross account AWS KMS keys

Let’s say you have a IAM role in account 12345678 and it needs kms:Decrypt access to an key in another account 987654321, you need to keep the following Policy Evaluation Diagram in mind:

Customizing a Standard Docker Image and Pushing to AWS ECR with GitHub Actions

Picking the right region for your workloads is paramount. It goes way beyond what region is the closest to your customers.

Optimizing AWS CodeBuild for Faster Docker Builds

Optimize CodeBuild Docker build times with smarter runner choices, multi-stage builds, and caching strategies.

How Many NAT Gateways Do You Need in AWS?

Understanding the optimal number of NAT Gateways in AWS is crucial for balancing availability, cost, and resilience in your cloud architecture.

Why CloudFront Signed URLs Are Better Than S3 Presigned URLs

Generate secure, long-lived URLs for S3 objects using CloudFront signed URLs, ensuring controlled expiration and improved security with OAC.

Debugging unexpected issues with Terraform

Since Terraform is relatively new software, you might need to fix issues in a undocumented way. You can spend hours debugging internal providers this way but there are a couple of ways that can help y ...

Do I need a NAT gateway? Maybe. Here’s how to decide if it’s right for your company.

Here's all you need to know if your company needs a NAT gateway. And if it does, the alternatives you can use to reduce cost.

ES Foundation to be officially launched at SaaS Summit Benelux 2024

Today we are announcing the launch of our new PaaS platform ES Foundation. A cloud agnostic platform as a service aimed specifically at solving all infrastructure headaches for growing SaaS companies. ...

Extreme MongoDB database performance with AWS Fargate Sidecars

When you use MongoDB or any other database as a transient data store you will be mainly limited by the network performance of your containers.

From Developer to Cloud Engineer: A Practical Roadmap

This guide provides a structured path to become a Cloud Engineer, breaking down the transition into manageable steps while building on your existing development knowledge.

Gain remote access to an AWS RDS instance

Often your developers or you need remote access to a RDS cluster. Often you would use a bastion host for that. You’d connect to the bastion host and from there configure port forwarding to the instanc ...

Get a cheap VPN into your AWS VPC and worldwide performance improvement through Cloudflare tunnels

In this article you can read about cheap VPN for your AWS VPC and better performance through Cloudflare tunnels.

Getting a shell inside a container on AWS ECS

Sometimes you need to be able to get a shell in an ECS container (ie. bash). Mostly this is to debug some issue in the container. Before 2021 this was practically impossible until AWS launched ECS Exe ...

How do you know what you’re paying for in AWS

Here's your ultimate guide to AWS pricing.

How Does AWS Data Transfer Work?

AWS is synonymous with flexibility and scalability in cloud computing, but when it comes to data transfer costs, its pricing strategy has sparked significant debate.

How secure is AWS KMS?

AWS Key Management Service (KMS) is crucial for ensuring safe and secure data encryption in the cloud. One common dilemma many organizations face is whether to use default AWS-managed KMS keys or to c ...

How to ensure your AWS account is not compromised

Read more to learn the different ways your AWS account can get compromised, how to avoid it, and what to do if you suspect it is compromised.

How to get free AWS credits for your startup or scale-up

How to get free AWS credits for your startup or scale-up? Cloud infrastructure represents one of the largest expenses for entrepreneurs who depend on software. For start-ups and scale-ups aspiring for ...

How to pick the right AWS region

Picking the right region for your workloads is paramount. It goes way beyond what region is the closest to your customers.

How to overcome "Unsupported Wildcard In Principal"

If you want to create an policy that wildcards the Principal AWS element in an IAM trust policy you will get an error.

How to Opt Out of AWS AI Training and Protect Your Data

AWS provides strong data privacy protections, but opting out of AWS AI training requires navigating a complex and obscure process that should be far simpler.

How to Reduce AWS Lambda Costs Without Hurting Performance

Optimizing AWS Lambda costs isn’t just about cutting memory—sometimes, the smartest move is allocating more. Learn when a bigger Lambda is better and when to ditch it for ECS.

How to run Hashicorp Vault Cloud together with Laravel

In this end to end tutorial I will show you how to run Hashicorp Vault Cloud together with Laravel. I made example code in Terraform so you can see how you can provision your Vault cluster on HashiCor ...

How to solve 'Inaccessible-encryption-credentials' in AWS RDS

When your KMS key has been deactivated due to your AWS account being locked you might run into the issue that your database won't start, this blog post contains the solution.

IAM Identity Center Google Workspace SSO: A Seamless Integration with SCIM

Picking the right region for your workloads is paramount. It goes way beyond what region is the closest to your customers.

Implementing Zero-Trust in AWS

Zero Trust Architecture (ZTA) is a security model that operates on the principle of "never trust, always verify." This approach is crucial in cloud environments like AWS, where resources are distribut ...

IAM policy pitfalls

AWS has a lot of poor practices on their website. For instance if you look at the default Lambda execution role:

ISO 27001 Compliance in AWS for SaaS: Why It’s Just the Beginning

ISO 27001 compliance in AWS is just the first step—true security for SaaS companies requires continuous improvements, from white-box pentesting to advanced IAM and threat mitigation.

Locked out of your S3 bucket?

In S3 buckets you can set a bucket policy to allow or disallow actions on the S3 bucket. Often this is used to set a bucket policy to only allow access through an VPC endpoint:

Lost access to your AWS EC2 instance?

If you lose access to your EC2 instance because you have lost your SSH key, here is a quick way you might be able recover the instance with

Managing DNS with Terraform: Automation, Security Risks & Best Practices

Managing DNS with Terraform brings automation and reliability, but if not secured properly, it can also introduce critical risks that could break your application.

Managing multiple AWS accounts in the same browser

Recently, AWS introduced a feature that makes managing multiple AWS accounts in the same browser much easier, simplifying workflows for developers and engineers alike.

Manually fix your Terraform statefile in case of emergencies

The golden rule of infrastructure as code is not to change the infrastructure manually. However manual changes can happen by accident. Leaving the infrastructure in an inconsistent state.

Mastering AWS Fargate CPU and Memory Combinations for Cost and Performance

Optimize your Fargate CPU and memory combinations to reduce costs and improve performance while ensuring your workloads run smoothly.

Migrating from Lightsail to EC2: A Smarter, Future-Proof Strategy

Migrating from Lightsail to EC2 is a great opportunity to rethink your infrastructure and improve scalability, security, and deployment efficiency.

Reduce AWS Fargate pull times with SOCI

One of the major drawbacks of AWS Fargate is that the pull times are relatively slow (compared to EC2). This is because EC2 nodes can have a local image cache on the instance. Fargate is serverless co ...

Reduce your AWS CloudFront costs by switching to Cloudflare

When you have an application behind CloudFront that is read-heavy (like most static websites) you will find that the AWS CloudFront costs can be a nasty surprise on your AWS bill. These costs can be v ...

Run n8n on AWS for less than a cup of coffee per month

n8n is a workflow automation tool that you can use for workflow automation, it is a similar tool to Zapier and is more developer oriented. I recently found that a customer required to launch n8n in mu ...

Running ECS containers on EC2 instances via Terraform

There are several pitfalls when setting up an ECS cluster and these can be quite hard to debug. I made this post to point out some of these pitfalls to get you started. If you create your cluster and ...

Some managed AWS policies are considered harmful

Imagine configuring your AWS with pre-set policies, thinking you’ve secured your cloud environment, only to discover subtle misconfigurations that expose you to unforeseen vulnerabilities. AWS does of ...

Saving money with NAT instances and VPC endpoints

This article addresses the fact that AWS Managed NAT Gateways are expensive and provides solutions on how to save money on your AWS bill by using NAT instances and VPC endpoints.

Terraform and for_each

In this article I explain the use of ‘for_each’ in Terraform through examples. I explain how it handles different data types and ways to resolve common errors.

Terraform module for Prowler security scans

As a solution architect one of the pillars for a solution is cost. There are a lot of paid security scanners for your AWS accounts out there but most of them are quite pricey. For start-ups this cost ...

Troubleshooting "CloudFront Access Denied" Errors: A Step-by-Step Guide

Encountering CloudFront Access Denied errors can be frustrating, especially when your distribution seems correctly configured.

Understanding metadata endpoints and their role in AWS applications

In this blog we dive into detailed usage of the metadata endpoints of ECS. Crucial for understanding how authentication works through official AWS SDKs.

Use pull through cache on ECR to circumvent Docker Hub rate limits

Update November 2023: AWS now natively supports Docker Hub so you can use it directly. You can still use this module if you need custom Docker lines for an image (for example an volume mount).

Verifying S3 Gateway Endpoints: Why AWS Should Make It Easier

AWS recommends using traceroute to verify S3 Gateway Endpoints, but isn't there a better way?

Wake on LAN EC2 instances

EC2 instances can not support wake on lan natively because they use virtual interfaces (ENI’s). Normally wake on lan works by sending a magic packet to a mac address of an interface.

What EC2 instance type should I choose?

Learn what EC2 instance to use in AWS's eu-west-1 region. Explore T-series, Graviton-powered M6G, and other instances for optimal pricing, performance, and cost-saving strategies.

What is Platform Engineering? The Future of Scalable Infrastructure

Building reliable cloud infrastructure is too complex for developers to manage alone. Platform engineering is the future, providing automation and self-service tools that let developers focus on shipp ...

Why do S3 pre signed URLs expire after 12 hours, despite setting a longer duration?

S3 objects can be requested through a so called pre signed URLs, however the pre signed URL is tied to the identity that generated the URL. This means that if the credentials expire that generated thi ...

Why Managed AWS Should Be the Default for Growing SaaS Companies

Managed AWS enables SaaS companies to focus on their own product while ensuring scalability, security, and operational efficiency.

Why Your AWS ECS Task is Stuck in Pending—And What to Do About It

Troubleshooting AWS ECS tasks stuck in pending often reveals underlying infrastructure issues rather than ECS misconfigurations.

Why S3 SignatureDoesNotMatch Errors Waste Your Time

Struggling with the S3 SignatureDoesNotMatch error? Before debugging your app, try a minimal request in Postman or Insomnia—you might be surprised where the real problem lies.

Why You Should Rethink AWS RDS Snapshots for Backups

Easily access RDS snapshots on S3 while avoiding common pitfalls—learn how to implement a flexible backup strategy beyond AWS snapshots.

You do not need that bastion host, there are better alternatives

This article discusses why you do not need that bastion host and what the alternatives are. Do you have any further questions after reading this article? If so, please contact me.

Ricardo Archaga, IT Operations Manager @ Farinter

"Alex is an excellent professional and his recommendation is very accurate. I am in the process of implementing a cost savings plan and Alex has answered all my doubts about it. Thanks for your support, service with excellence!"

Grow your SaaS while we handle your infrastructure.

Book a call to discover how our AWS experts can streamline your workload or complete our maturity assessment.