AWS workload isolation without the engineering time.

Substrate is a powerful framework for creating, managing, and accessing AWS accounts.

Why Substrate?

Security and reliability are built on isolation between environments and individual services. In Amazon Web Services, the most robust form of isolation available is the AWS account.

Substrate makes having lots of AWS accounts—and the robust isolation they provide—faster to implement and easier to operate.

Features

Automatically configure AWS Organizations, IAM, and CloudTrail
Create AWS accounts for all your services
Manage and peer VPCs for all your environments, shared with just the right service accounts
Expire AWS credentials every 12 hours
Get a head start on the SOC 2 criteria for access control, change management, and segmentation

Integrate with your existing identity provider
Automatically configure production-ready Terraform state storage and locking
Organize all your AWS accounts for easy, unambiguous navigation
Orchestrate Terraform runs across multiple regions and accounts
Create IAM roles and policies with obviously no bugs (instead of no obvious bugs)

Substrate in action

The tools Substrate includes can be composed in infinite ways to build and manage foundational AWS resources like accounts, VPCs, and IAM roles, teeing you up to build secure and reliable infrastructure on top.

Our customers

All AWS access is immediately solved for us. It’s like having a team of SREs that have set a standard that makes it easy for non-SREs to follow.

Casey Crites

Metronome

Having Substrate allowed us to bootstrap our AWS infrastructure in a way that large enterprises desire but struggle to accomplish.
‍

Nate Brown

Defined Networking