Leaving AWS: Saved Us 90%, Made us Sovereign and Kept ISO 27001
I was paying AWS $24,000 a year, and it felt completely wrong.
For a bootstrapped company like mine, that figure was more than just an expense line; it was a constant, nagging reminder that we were renting our foundation from a landlord whose interests might not always align with ours. Every founder and CTO knows the feeling. You start on a major cloud provider because it’s easy and it’s the default. But over time, the convenience starts to feel like a cage. The bills creep up, the services become a tangled web of dependencies, and you find yourself on a vendor lock-in treadmill you never intended to join.
The cost was only part of the story. As a Danish company serving European clients, a bigger, more strategic problem was looming: data sovereignty. With regulations like GDPR, the ever-present shadow of the CLOUD Act, and the legal drama of Schrems II, relying on U.S. hyperscalers felt like building on shaky ground. How could we promise our enterprise and government clients that their data was truly safe when our infrastructure was subject to the jurisdiction of a foreign government?
We knew we had to make a change. Not just a small tweak, but a fundamental shift in how we thought about our infrastructure. So we left. We migrated off AWS and built our own stack on European providers Hetzner and OVH.
The result? We cut our cloud bill by 90%. But more importantly, we gained control, resilience, and a powerful competitive advantage.
The journey wasn't trivial, but it was far more achievable than the cloud providers’ marketing departments would have you believe. Now, I’m offering you the blueprint.
Introducing the Sovereign Cloud Starter Kit
After sharing my story on Hacker News, the response was overwhelming. It was clear that countless others felt the same tension between cost, compliance, and control. Many were considering a similar move but were daunted by the perceived complexity and risk.
That’s why I’ve packaged our entire, battle-tested solution. This isn’t just a few scripts; it’s a complete, auditable, and production-ready system designed to free you from the hyperscaler ecosystem. It’s what I'm selling: my Ansible playbooks, my Grafana ISMS dashboard, and the exact policies that got us through a rigorous ISO 27001 audit.
This is your shortcut to digital sovereignty.
1. The Playbooks: Your Infrastructure on Autopilot
Forget the FUD (Fear, Uncertainty, and Doubt) about needing a massive DevOps team to manage your own servers. The key is automation. Our comprehensive set of Ansible playbooks builds you a hardened, repeatable, and resilient environment from the ground up.
Multi-Cloud Resilience, Baked-In: Deploys your stack across multiple providers (like Hetzner and OVH) from day one. If one provider has an outage, you can redirect traffic in minutes. No single point of failure.
Automated Postgres Management: Everything you actually use from RDS, without the price tag. Automated backups to S3-compatible object storage, streaming replication for a hot standby, and Prometheus metrics for performance monitoring.
Security & Hardening by Default: Secure SSH, UFW firewall rules, auditd logging, clock synchronization—all the crucial details that an auditor (and your customers) will look for are handled automatically.
Zero-Downtime Deployments: Safe, rolling deployments for your applications with health checks and easy rollbacks.
2. The Dashboard: ISO 27001 Compliance You Can Actually See
Getting an ISO 27001 certification can feel like a nightmare of spreadsheets and documentation. We turned it into a live, real-time dashboard. Using a combination of Prometheus, Grafana, and Loki, our custom ISMS dashboard gives you unprecedented visibility into your security posture.
Instead of just claiming you have controls, you can prove it.
Visualize Your Controls: See live data on everything from user access rights and network controls to backup success rates and SSL certificate expiry.
Simplify Audits: When the auditor asks for evidence, you won’t be digging through logs. You’ll point them to a dashboard that shows your policies in action, 24/7.
From
A.9.2.1 User registrationtoA.16.1.5 Response to incidents: We’ve mapped dozens of critical ISO 27001 controls directly to the metrics and logs generated by your infrastructure.
3. The Policies: The Bridge Between Code and Compliance
The final piece is the documentation that ties it all together. We provide the clear, concise policy documents that explain how your technical infrastructure meets the requirements of your Information Security Management System (ISMS). This is the connective tissue that saves you hundreds of hours of consulting and legal fees.
This Is Not for Everyone. Is It for You?
Let’s be honest. If you’re a VC-funded startup with millions in the bank, burning cash on AWS might not be your biggest problem. But if you’re like us—a bootstrapped company, a lean SMB, or a CTO who values efficiency and long-term strategy—this is a different conversation.
People will tell you the savings aren't worth the hassle. They'll say you need a dedicated SRE, that budget providers are unreliable, that you're playing with fire. Here's my answer, based on real-world experience:
On Cost: The time it took to build this paid for itself within months. Our ongoing operational FTE is exactly the same as it was on AWS: 0.1 FTE.
On Reliability: Any provider can fail. AWS can (and does) suspend accounts. Our multi-cloud architecture, designed for failure, is arguably more resilient than being locked into a single provider's availability zones.
On a Competitive Edge: The most important metric isn't
cloud spend vs. salary. It’scloud spend vs. revenue. Being able to confidently win enterprise and government deals in Europe because you have a clear, verifiable story on data sovereignty is an advantage that's hard to price.
Let's Build a Cloud That Works for You
You don't have to be trapped on the hyperscaler treadmill, paying for vendor lock-in and features you don't use. You can own your stack, control your costs, and meet the strictest compliance standards.
We’ve already navigated the path, taken the arrows, and built the blueprint. If you’re ready to take the leap, I can help you get there in a fraction of the time.
Interested in learning more about the Sovereign Cloud Starter Kit and how it can be adapted for your business?
Reach out on LinkedIn https://www.linkedin.com/in/jknobel/
Email us: jk@datapult.dk
Buy the code: https://knobel-dk.github.io/landingpage-iso-playbooks/
We posted a similar story at https://medium.com/@accounts_73078/goodbye-aws-how-we-kept-iso-27001-slashed-costs-by-90-914ccb4b89fc