Hi,
Greg Lazarus here, Solution Architect.
I design cloud infrastructure for a living. VPCs, subnets, security groups, IAM policies, RDS clusters, ECS services and more. I've done it hundreds of times for companies across Latin America, Europe, and the US.
But here's my dirty secret: I hate deploying what I design.
Not because deployment is hard. Because it's repetitive, error-prone, and soul-crushing. Every time I hand off an architecture to a development team, the same thing happens. They need infrastructure. I design it — properly. Multi-AZ, encrypted, least-privilege IAM, flow logs, the works. Then the deployment part starts, and everything falls apart.
The Pattern I See Everywhere
The senior engineer on the team opens a Terraform file and starts translating my architecture into HCL. Three days later, they have something that mostly works. But the IAM policy is a bit too broad because scoping it was annoying. Flow logs aren't enabled because they forgot. The security group allows SSH from everywhere because "it's just staging." Encryption at rest isn't enabled because the Terraform docs for KMS were confusing.
Meanwhile, the rest of the team has been blocked for those three days, waiting for a VPC so they can deploy their application. If they're unlucky enough to not have that senior engineer, they do what every growing team does: someone opens the AWS console and starts clicking.
An hour later they have infrastructure. No version control, no reproducibility, no standards, no documentation. Just a running service that nobody can explain or recreate. Six months later, a SOC2 auditor finds three public S3 buckets, an RDS instance without encryption, and an IAM policy that says "Effect": "Allow", "Action": "*", "Resource": "*". Everyone acts surprised. Nobody should be.
I've seen this pattern at 20+ companies. The architecture knowledge exists — it's in my head, it's in the senior engineer's head, it's somewhere in a Confluence page that was last updated eight months ago. But it's not encoded anywhere that actually enforces it.
What I Wanted to Exist
I wanted a system where I could define my architecture once — properly — and have it be deployable by anyone. Not "here's a Terraform module, go figure it out." Not "read the wiki and follow the steps." Something where a developer who has never thought about VPC CIDR ranges could deploy production-grade infrastructure in 10 minutes by filling out 5 fields.
And I didn't just want deployment. I wanted the full lifecycle:
Governance: I lock encryption to AES-256. The developer literally cannot deploy an unencrypted database to production. Not because they read a policy — because the platform refuses.
Transparency: Before anything touches the cloud, they see every resource that will be created, the estimated cost, and whether all compliance checks pass.
Drift detection: When someone inevitably goes into the AWS console and opens a security group at 2 AM, I want to know by 8 AM. Not six months later during an audit.
Lifecycle: When I improve the architecture standard — tighter IAM, better monitoring, new caching layer — every team running the old version can upgrade with a preview of exactly what changes.
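A sketch of the "platform refuses" behaviour described above, as an added example that is not AskArchie's code: locked fields cannot be overridden, and a previewed plan is checked for the findings named earlier in this post (open SSH, wildcard IAM, unencrypted RDS, missing flow logs). The field names, resource kinds and sample plan are constructed for illustration.

```python
# Added example: field names, resource kinds and the plan are constructed.
LOCKED = {"storage_encrypted": True, "multi_az": True}  # set by the platform team
EDITABLE = {"name", "instance_class", "environment"}    # open to developers

def resolve_config(overrides):
    """Merge developer input with locked values; refuse changes to a lock."""
    illegal = sorted(k for k in overrides if k not in EDITABLE)
    if illegal:
        raise PermissionError(f"locked or unknown fields: {illegal}")
    return {**overrides, **LOCKED}

def ssh_open_to_world(sg):
    return any(r["cidr"] == "0.0.0.0/0" and r["from_port"] <= 22 <= r["to_port"]
               for r in sg.get("ingress", []))

def allows_everything(policy):
    def has_star(value):  # IAM accepts a string or a list here
        return "*" in (value if isinstance(value, list) else [value])
    return any(s["Effect"] == "Allow" and has_star(s["Action"])
               and has_star(s["Resource"]) for s in policy["Statement"])

# kind -> [(finding, predicate that is True when the resource violates it)]
GUARDRAILS = {
    "rds_instance": [("encryption at rest disabled",
                      lambda p: not p.get("storage_encrypted"))],
    "security_group": [("SSH open to 0.0.0.0/0", ssh_open_to_world)],
    "iam_policy": [("Allow * on *", allows_everything)],
    "vpc": [("flow logs disabled", lambda p: not p.get("flow_logs"))],
}

def check_plan(plan):
    """Return every violation in a previewed plan; empty means deployable."""
    return [f"{r['name']}: {finding}" for r in plan
            for finding, bad in GUARDRAILS.get(r["kind"], []) if bad(r["props"])]

def deploy(plan):
    violations = check_plan(plan)
    if violations:  # refuse instead of warning
        raise RuntimeError("deploy blocked: " + "; ".join(violations))
    return "deployed"

SAMPLE_PLAN = [  # constructed preview output
    {"kind": "vpc", "name": "main", "props": {"flow_logs": True}},
    {"kind": "rds_instance", "name": "db", "props": resolve_config({"name": "db"})},
    {"kind": "security_group", "name": "staging-sg", "props": {"ingress": [
        {"protocol": "tcp", "from_port": 22, "to_port": 22, "cidr": "0.0.0.0/0"}]}},
    {"kind": "iam_policy", "name": "app", "props": {"Statement": [
        {"Effect": "Allow", "Action": "*", "Resource": "*"}]}},
]
```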
I looked at what existed. Nothing did all of this.
What Exists and Why It Wasn't Enough
Backstage: Beautiful service catalog. Plugins for everything. But it doesn't deploy anything. When your developer needs a staging environment, Backstage shows them a README. It took Spotify a dedicated team to build and maintain it. It takes most companies 3-6 months just to get it running. And at the end, you still need Terraform Cloud, ArgoCD, and a team to glue it all together.
Port.io: Slick developer portal with drag-and-drop workflows. But again — it's a portal. The UI layer on top of your existing tools. You still need the tools underneath. That's $50k+/year in tooling before you write a single workflow.
Terraform Cloud: Runs terraform plan and apply. That's it. No catalog, no governance UI, no self-service for developers, no drift management beyond plan output. Your developers still need to know HCL.
Humanitec: Orchestrates your existing tools. You still need those tools. You're paying for a coordination layer on top of your existing complexity.
None of them actually deployed infrastructure with governance built in. None of them managed the full lifecycle. None of them let a developer who doesn't know what a CIDR range is deploy a production-ready VPC.
So I Started Building
Nights and weekends. For months.
The stack: Next.js frontend, FastAPI backend, DynamoDB for data, Pulumi as the deployment engine running on AWS Fargate for long operations, WebSocket for real-time deploy progress.
Why Pulumi? Because it's real code — TypeScript and Python — not YAML or HCL. I can write actual logic, compose modules properly, and test them. But here's the thing: the developer using my platform never sees Pulumi. They never see any code. They see a catalog of blueprints, a configuration form with 5 editable fields, a preview showing exactly what will be created, and a deploy button.
The platform accepts Terraform, CloudFormation, and Pulumi as input. Paste your existing .tf files, and it converts them into a governed blueprint. The IaC language doesn't matter. The governance on top of it does.
I called it AskArchie — because the original idea was "don't know how to do something in the cloud? Just ask Archie." It evolved from that into something bigger: a platform where architecture knowledge is encoded, enforced, and evolvable.
What It Actually Does Today
It's live!
Real deploys to real accounts. Not a demo, not a prototype. 89 templates across AWS, GCP, Azure, and Kubernetes. Everything from a simple S3 static website to a full production API stack with VPC, ALB, ECS Fargate, RDS Multi-AZ, and monitoring.
Blueprint governance: platform teams fork my base templates, lock the fields they want to enforce (encryption, CIDR ranges, instance types, IAM policies), and publish to their org. Developers see a clean form with 5 editable fields and 5 locked fields with explanations of why they're locked.
Deploy with preview: nothing touches the cloud without a full pulumi preview first. Every resource listed, every cost estimated, every guardrail checked. If a compliance check fails, the deploy is blocked. Not warned — blocked.
Drift detection: runs automatically every 6 hours. When someone changes a security group via the console, Archie catches it, classifies the severity, and shows the expected vs actual state side by side. One click to remediate. Back to compliant.
Blueprint lifecycle: publish new versions, see which stacks are behind, preview the upgrade diff before applying. Infrastructure standards that evolve safely, not through Confluence pages nobody reads.
Brownfield import: scan an existing AWS account, discover running resources, import them into Archie without recreating anything. Now they're managed, tracked, and governable.
AI-assisted creation: describe what you need in plain English, Archie generates the infrastructure code. Or paste your existing Terraform — it converts and governs it.
Slack integration: every deploy, every drift detection, every approval request — your team sees it in real time.
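The drift check described above, reduced to its core as an added example (not AskArchie's implementation): diff a security group's declared ingress rules against the rules found in the account, rate each unexpected rule, and derive the remediation. The rule shape, sensitive-port list and severity tiers are assumptions.

```python
# Added example: rule shape, port list and severity tiers are assumptions.
import ipaddress

SENSITIVE_PORTS = {22, 3389, 3306, 5432}  # admin and database ports

def rule_key(rule):
    return (rule["protocol"], rule["from_port"], rule["to_port"], rule["cidr"])

def classify(rule):
    """Severity of a rule present in the account but absent from the blueprint."""
    world = ipaddress.ip_network(rule["cidr"]).prefixlen == 0  # 0.0.0.0/0 or ::/0
    sensitive = any(rule["from_port"] <= p <= rule["to_port"]
                    for p in SENSITIVE_PORTS)
    if world:
        return "critical" if sensitive else "high"
    return "medium" if sensitive else "low"

def detect_drift(expected, actual):
    """Diff declared ingress rules against the rules found in the account."""
    exp = {rule_key(r): r for r in expected}
    act = {rule_key(r): r for r in actual}
    added = [{"change": "added", "rule": act[k], "severity": classify(act[k])}
             for k in sorted(act.keys() - exp.keys())]
    # A missing rule narrows exposure; rated "low" here as an assumption.
    removed = [{"change": "removed", "rule": exp[k], "severity": "low"}
               for k in sorted(exp.keys() - act.keys())]
    return added + removed

def remediation(findings):
    """Actions that return the group to its declared state."""
    return [("revoke" if f["change"] == "added" else "authorize",
             rule_key(f["rule"])) for f in findings]

# Constructed state: the blueprint allows HTTPS only; SSH was added by hand.
EXPECTED = [{"protocol": "tcp", "from_port": 443, "to_port": 443,
             "cidr": "0.0.0.0/0"}]
ACTUAL = EXPECTED + [{"protocol": "tcp", "from_port": 22, "to_port": 22,
                      "cidr": "0.0.0.0/0"}]
```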
The Hard Part Isn't Building
I'm an architect. Building technical systems is what I do. The hard part is everything else. Finding customers when you're a technical person who doesn't know how to sell. Explaining what an IDP is to someone who's never heard the term. Competing with funded startups that have 50-person teams and $35M in the bank. Building credibility when your LinkedIn says "side project" and theirs says "Series B."
But here's what I keep coming back to: nobody else built the full thing. The catalog companies don't deploy. The deployment companies don't govern. The AI companies generate code but don't manage the lifecycle. The orchestrators coordinate existing tools but don't replace the need for them.
I built one product that does all of it. It's not perfect. There are rough edges. But it works, it's real, and it solves a problem I see at every company I work with.
What I'm Looking For
I'm not looking for funding. I'm not looking for a co-founder.
I'm looking for 3 platform engineers who are tired of the same problems I described. Who want to try a different approach. Who are willing to give honest feedback — what works, what's broken, what's missing. If that's you, you can explore the full product right now without signing up. There's demo data showing governed blueprints, deployed stacks, drift alerts, and cost tracking. You can even deploy a real static website to AWS in 30 seconds — for free, no account needed. Or if you're the type who wants to talk to a human: my LinkedIn is open.
The product is live at app.askarchie.io. The landing page is askarchie.io. If you're an architect or platform engineer who nodded while reading this — I built it for us.
Thanks for reading. More blog posts to come.
Greg Lazarus is a Solutions Architect and the founder of AskArchie, a Cloud Standards Platform that deploys, governs, and manages infrastructure lifecycle. He builds Archie on nights and weekends from Tulum, Mexico. He still doesn't know how to sell.
