SaaS · Trading Education

Tradeprentice

Production-grade infrastructure for a live trading platform — delivered in weeks.

tradeprentice.io
Client
SpinLab
Industry
SaaS · Trading education
Services
Cloud architecture · DevOps · CI/CD
Platforms
AWS Organizations · ECS Fargate · RDS Multi-AZ
The challenge

From dev environment to production-grade platform

Tradeprentice already had a working development environment, but moving to production meant solving for real availability: multi-AZ redundancy, autoscaling during market-hour spikes, and zero-downtime deploys for a live audience of active traders.

SpinLab, the software team behind the platform, needed a cloud architecture that could grow without being redesigned — with full account isolation between dev and prod, and a CI/CD pipeline that matched their Git workflow exactly.

The solution

Multi-account AWS Organizations with full pipeline automation

  1. We structured the platform under AWS Organizations from day one, with DEV and PRD in separate accounts under a dedicated Workload OU. Each environment has its own billing boundary, IAM scope, and security perimeter — a misconfiguration in dev literally cannot reach production.

  2. Five independent containerized services run on ECS Fargate: frontend, backend API, a dedicated WebSocket server for real-time trading signals and price feeds, a backoffice portal, and a scheduled job runner — each deployed and scaled independently with zero server management. RDS PostgreSQL Multi-AZ provides automatic failover. ElastiCache Redis handles session state and query caching, keeping response times fast even during market-hour spikes.

  3. GitHub Actions drives CI/CD with OIDC — no long-lived AWS credentials anywhere in the pipeline. Every commit to develop auto-deploys to the dev environment. Production gates on manual approval. Terraform manages all infrastructure across two repositories, with remote state in S3 and DynamoDB table locking.

Architecture
AWS Organizations
IAM Identity Center SSO · MFA · Access governance
GitHub Actions + OIDC Terraform (S3 + DynamoDB)
Each AWS account is a hard blast-radius boundary — dev activity cannot touch production, billing, or IAM in the prod account.
Tech stack

Tools we used

  • AWS Organizations Multi-account isolation
  • ECS Fargate Serverless containers
  • Application Load Balancer Traffic routing
  • RDS PostgreSQL Multi-AZ High-availability database
  • ElastiCache Redis Session & query cache
  • WebSockets Real-time trading signals
  • WAF Web application firewall
  • GitHub Actions + OIDC Keyless CI/CD
  • Terraform Infrastructure as code
  • Secrets Manager Auto-rotating credentials
  • IAM Identity Center SSO & access governance
  • CloudWatch Metrics & log aggregation
  • ACM TLS certificate management
Results

Dev to production in weeks, not months

100% infrastructure as code
2 fully isolated environments
0 long-lived credentials
Multi-AZ automatic DB failover
"Working with Pluralty was a turning point. They took full ownership of the cloud layer and handed us back a platform we could actually trust in production from day one."
Federico Perez CEO, SpinLab
Building something similar?

Let's talk about your platform

Whether you're starting fresh or moving an existing app to production, we'll design the infrastructure around your actual requirements.

Get your free assessment