
Sam Bashton
Verified Expert in Engineering
DevOps Engineer and Developer
Sydney, Australia
Toptal member since September 5, 2022
Sam has more than 15 years of cloud computing experience across a wide range of verticals, from high-growth startups to established enterprises. He excels at building a cloud infrastructure that empowers developers and increases their efficiency while ensuring secure environments. Automation is at the core of everything Sam does, as he always tries to build reliable, repeatable solutions that enhance organizational productivity and minimize or eliminate drudgery.
Portfolio
Experience
- CI/CD Pipelines - 20 years
- Amazon Web Services (AWS) - 16 years
- AWS CloudFormation - 12 years
- Google Cloud - 8 years
- Terraform - 6 years
- Serverless - 6 years
- AWS Cloud Architecture - 2 years
- Cloud Development Kit for Terraform (CDKTF) - 1 year
Preferred Environment
Amazon Web Services (AWS), Google Cloud
The most amazing...
...thing I've built was a development lifecycle platform for a major international airline with radical improvements in developer productivity.
Work Experience
Principal Consultant
IAG
- Collaborated on a three-month engagement to build automation for Akamai.
- Migrated Akamai environment from 'clickops' web UI management to full infrastructure-as-code.
- Utilized Terraform CDKTF built using TypeScript, and the deployments were managed via GitHub Actions.
Cloud Lead
Qantas
- Built a complete cloud-native development lifecycle platform that allowed developers to leverage the power of AWS while ensuring security.
- Designed and led the implementation of a petabyte-scale data lake solution.
- Re-engineered AWS networking from a virtual private cloud (VPC) peering connection to utilize AWS Transit Gateway, removing hard limits on AWS growth and simplifying connectivity.
Founder
Bashton Ltd
- Built a consultancy firm from zero employees to over one hundred. It initially started as a company focused on open-source software, but I pivoted it to focus on cloud computing from 2010 onwards.
- Provided consultancy and managed support for cloud computing environments across AWS and Google Cloud.
- Led the company to a successful exit via acquisition by Claranet Group, an internationally-managed service provider.
Consultant
ITV
- Designed and built the common platform, a method for ITV to utilize AWS in a standardized way across the enterprise.
- Built infrastructure for the first common platform customer, ITV Hub, a TV streaming platform with millions of users in the UK.
- Developed infrastructure for partner media sharing using serverless technologies, introducing significant cost savings and reducing onboarding time for partners from months to minutes.
Experience
Akamai Automation with CDK for Terraform
This involved writing CDKTF constructs to make managing Akamai via Terraform simpler and a full CI/CD pipeline for automated testing and deployment of changes through relevant environments (dev, test, production).
The CI/CD pipeline was built using GitHub Actions.
In addition, I wrote code that utilized the Akamai API to convert existing 'clickops' created properties to the newly built infrastructure-as-code platform.
AWS IDS Implementation for an International Airline
They considered extremely expensive IDS 'devices' for capturing all VPC traffic.
I wrote reports and presented them to senior stakeholders to help them understand their requirements could be met and even exceeded by using AWS GuardDuty, a solution available at a fraction of the cost of the IDS solution they were considering.
I oversaw implementing GuardDuty across the estate of several hundred AWS accounts, creating automation to ensure that newly created accounts were automatically enrolled in GuardDuty. The automation I created also ensured that SoC and those in charge of the infrastructure findings were related to were alerted.
Automation was performed via a combination of AWS CloudFormation StackSets and AWS Lambda, with functions written in Go.
Qantas AWS Network Refactoring
I designed and implemented a move to AWS Transit Gateway. This removed bottlenecks, relieving the immediate pain point. The implementation provided automation for newly created accounts, utilizing AWS Lambda and AWS CloudFormation to connect new accounts appropriately without requiring any human interaction.
Transit Gateway additionally provided a path for multi-cloud adoption, with Google Cloud and Azure peering providing significant extra flexibility for the organization.
AWS Cost Optimization for International Airline
Working with another team member in charge of shutting down unused and right-sizing AWS instances, I focused on less obvious methods for finding cost savings.
I was able to find several million dollars annually in additional savings, over and above those from more traditional cost optimization techniques.
I did this by utilizing Python and Boto3 to interrogate several hundred AWS accounts and devising innovative strategies to save costs.
These included:
• Finding and removing unused RDS and RDS Aurora instances.
• Aligning AWS RDS and RDS Aurora instance type used across accounts and teams, enabling significantly higher reserved instance coverage.
• Finding and removing unused EBS volumes.
• Converting provisioned IOPS EBS volumes to gp3 volumes, which provided the same performance at a much lower cost.
• Converting gp2 volumes to gp3 volumes.
• Finding and removing unused ELBs.
All of these strategies were implemented in a fully automated manner, with no more than 60 seconds of downtime for any individual change.
LUSH Google Cloud Migration
https://cloud.google.com/customers/lush
We were given an insanely short timescale of 30 days, so I led a team of ten who managed to refactor and migrate the environment in just 22 days. The efforts were worthwhile as LUSH had their largest ever daily sale just one month later, with the new infrastructure providing 100% uptime throughout this period.
ITV Hub
https://youtu.be/HaZbA3uN3Zc?t=1650
Migration to Kubernetes
https://www.claranet.co.uk/case-studies/oddschecker-makes-safe-bet-future-growth-claranet-cloud-migration
As well as doing design and hands-on work, I also provided training to upskill the in-house team to support the environment.
Conference Talk: Infrastructure as Code Using Terraform
https://www.slideshare.net/SamBashton/infrastructure-as-code-with-terraform
The talk introduced infrastructure as code more generally and talked about the specifics of managing AWS via Terraform.
Fintech AWS Migration
https://aws.amazon.com/solutions/case-studies/currencycloud/
I refactored their environment into highly available autoscaling infrastructure and migrated from an active and passive MySQL configuration to Amazon Aurora.
The customer enjoyed significantly better uptime and 30% lower costs. Please see the AWS case study in the project URL for full details.
Kubernetes Platform as a Service Build for a Major Insurance Group
The primary goals for the project were:
• Maintainable by a small core team (five members).
• Enforces company compliance and security requirements.
• Accelerates development by allowing developers to self-serve as much as possible while adhering to compliance and security requirements.
AWS EKS was selected primarily because of the company's general direction of moving to AWS. A combination of Kubernetes admission controllers, RBAC, AWS IAM, and AWS Config was used to ensure compliance and security not just across Kubernetes but also across associated resources in AWS.
Certifications
AWS Certified Security – Specialty
Amazon Web Services
AWS Certified DevOps Engineer Professional
AWS
AWS Certified Developer Associate
AWS
AWS Certified SysOps Administrator Associate
AWS
AWS Certified Advanced Networking – Specialty
Amazon Web Services
AWS Solutions Architect – Professional
Amazon Web Services
AWS Solutions Architect – Associate
Amazon Web Services
Skills
Libraries/APIs
Node.js
Tools
AWS CloudFormation, Puppet, Terraform, Cloud Development Kit for Terraform (CDKTF), AWS IAM, Jenkins, Amazon CloudWatch, Vagrant, GitLab CI/CD, Amazon EKS, Amazon Virtual Private Cloud (VPC), Git, Boto 3, AWS ELB, Amazon Elastic Block Store (EBS), GitLab, Google Kubernetes Engine (GKE), Amazon Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), Amazon Elastic Container Service (ECS), AWS Fargate, GitHub, AWS Key Management Service (KMS), HashiCorp, OpenVPN, Ansible, Kibana, VPN, Helm, Jira, Zabbix, CircleCI
Languages
Go, Python, Bash, JavaScript, SQL, TypeScript
Paradigms
DevOps, Automation, DevSecOps, Automated Testing, Management, Serverless Architecture, Deep Packet Inspection (DPI), Continuous Integration (CI), ETL
Platforms
Amazon Web Services (AWS), Docker, Kubernetes, Amazon EC2, AWS Lambda, Google Cloud Platform (GCP), Linux, AWS IoT, AWS Cloud Computing Services, Cilium, Apache Kafka, Azure
Storage
Google Cloud, Data Lake Design, Amazon DynamoDB, Amazon Aurora, Google Cloud SQL, Amazon S3 (AWS S3), AWS Snowball, MongoDB, MySQL, Redshift, PostgreSQL
Other
Networking, Cloud, AWS DevOps, AWS Cloud Architecture, CI/CD Pipelines, Serverless, AWS Lake Formation, AWS Transit Gateway, High Availability Disaster Recovery (HADR), SDKs, APIs, IT Support, Load Balancers, Site Reliability Engineering (SRE), Architecture, Cloud Computing, Linux Administration, Infrastructure as Code (IaC), High-availability Systems, AWS CodePipeline, Security, Cloud Migration, Identity & Access Management (IAM), GitHub Actions, Containerization, Scripting, Amazon RDS, Containers, Container Orchestration, Team Leadership, Training, Consul, Autoscaling, Amazon GuardDuty, AWS Certified Solution Architect, Mentorship, Technical Writing, Consulting, Amazon API Gateway, Cloud Security, Amazon Route 53, Web Application Firewall (WAF), TCP/IP, Linux Network Stack, Transport Layer Security (TLS), Agile DevOps, AWS Certified DevOps Engineer, AWS Certified Developer, Cost Reduction & Optimization (Cost-down), Cluster Management, System Administration, Systems Monitoring, Log Management, IT Security, Development, Akamai, Point-to-Point Tunneling Protocol (PPTP), Karpenter