5 Production Apps on a Single AWS Platform for Under $150/Month
A cross-border logistics company needed to digitize their entire operation — fleet management, driver check-ins, workshop maintenance, gate operations, and payroll — all on a cost-optimized AWS infrastructure with security hardened after an active attack.
The Challenge
A growing transportation and logistics company operating cross-border freight between Mexico and the United States needed to replace their manual workflows with purpose-built digital tools. Their operations spanned fleet management for 50+ drivers, vehicle inspections and maintenance across multiple workshops, container interchange tracking at their yard, and bi-weekly payroll processing for 116+ employees across two countries.
There was no existing software — everything ran on spreadsheets, WhatsApp messages, and paper forms. The company needed not one application but an entire suite: a transportation management system for dispatchers, a mobile-first PWA for drivers in the field, a workshop app for mechanics, a gate operations app for yard personnel, and an automated payroll system. All of this needed to run on AWS with a budget that a mid-size logistics company could sustain — not enterprise-level cloud spending.
Midway through operations, the infrastructure suffered an active security attack — a botnet attempted remote code execution through the application layer, injecting shell commands targeting the Next.js Server Actions endpoint. The attack originated from a known malware distribution server and required immediate incident response while keeping all five production services online.
Our Approach
- Multi-app ECS architecture: Deployed 5 containerized applications on AWS ECS with EC2 launch type across multiple instances (t3.large for the main TMS, t3.medium for each satellite app). All services share a single Application Load Balancer with path-based routing and HTTPS termination. Bridge networking mode eliminates ENI limits that would otherwise restrict task count on smaller instances.
- CI/CD automation: GitHub Actions pipelines for every application — push to main triggers build, Docker image push to GitHub Container Registry, ECS task definition update, and service deployment. Average deployment time under 6 minutes with Docker BuildKit caching. Staging branches deploy to separate staging environments for the TMS and operators app.
- Payroll automation: Built a Flask-based service that processes multi-employee payroll PDFs — splitting, matching to employee records, storing in S3 with year/month organization, and distributing via AWS SES email. Processing 92 employees takes approximately 2 minutes at a cost of $1.70/month versus $40+/month for manual processing or $200–$500/month for commercial payroll distribution tools.
- Routing engine deployment: Deployed a self-hosted GraphHopper instance with OpenStreetMap data on a t3.xlarge, providing truck-specific routing for Mexico-USA routes. Three custom routing profiles (balanced, shortest distance, practical) replace a PC*MILER API subscription that would cost $6,885+/year. The self-hosted solution costs $122/month — a $574/month saving.
- Security incident response: When the botnet attack was detected, we executed a full incident response within hours: rotated all AWS credentials and database passwords, implemented AWS WAF with 5 managed rule sets (IP reputation, known bad inputs, SQL injection, Linux-specific, common rules), hardened security groups to ALB-only ingress, added Network ACL rules blocking the malware distribution server IPs, and rebuilt instances from clean AMIs. Post-hardening, 100% of subsequent attack attempts have been blocked.
- Database incident recovery: Diagnosed and resolved an RDS out-of-memory crash (db.t4g.micro with 500MB RAM hitting OOM under 40-50 concurrent connections). Upgraded to db.t4g.small, configured CloudWatch alarms for memory, swap, CPU, and connection count, and set up Discord notifications via Lambda for proactive monitoring.
- Cost optimization: Evaluated AWS Compute Savings Plans ($33/month savings), right-sized EC2 instances based on actual utilization, and eliminated waste — no orphaned resources, no unused Elastic IPs, S3 lifecycle policies for log rotation.
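The check below is an added example, not code from the case study or the vendor: it audits the "ALB-only ingress" hardening step from the incident response item, taking security groups in the shape returned by EC2 DescribeSecurityGroups. The group IDs, ports, CIDRs and sample data are constructed, and the 32768-65535 range is an assumed host-port range for bridge-mode tasks.

```python
# Added example: flag ingress rules that bypass the load balancer.
# Groups use the shape returned by EC2 DescribeSecurityGroups.

def non_alb_ingress(groups, alb_sg_id):
    """Return (group_id, ports, source) for each ingress rule on a non-ALB
    group whose source is anything other than the ALB's security group."""
    findings = []
    for sg in groups:
        if sg["GroupId"] == alb_sg_id:
            continue  # the ALB's own group is expected to face the internet
        for perm in sg.get("IpPermissions", []):
            if perm.get("IpProtocol") == "-1":
                ports = "all"
            else:
                ports = f'{perm.get("FromPort")}-{perm.get("ToPort")}'
            sources = (
                [r["CidrIp"] for r in perm.get("IpRanges", [])]
                + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
                + [r["PrefixListId"] for r in perm.get("PrefixListIds", [])]
                + [p["GroupId"] for p in perm.get("UserIdGroupPairs", [])
                   if p["GroupId"] != alb_sg_id]
            )
            findings += [(sg["GroupId"], ports, src) for src in sources]
    return findings

# Constructed sample data (IDs, ports and CIDRs are illustrative).
# 32768-65535 is an assumed host-port range for bridge-mode tasks.
ALB_SG = "sg-alb0000"
SAMPLE_GROUPS = [
    {"GroupId": ALB_SG, "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-ecs0001", "IpPermissions": [   # hardened: ALB only
        {"IpProtocol": "tcp", "FromPort": 32768, "ToPort": 65535,
         "UserIdGroupPairs": [{"GroupId": ALB_SG}]}]},
    {"GroupId": "sg-ecs0002", "IpPermissions": [   # still directly reachable
        {"IpProtocol": "tcp", "FromPort": 32768, "ToPort": 65535,
         "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 3000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.0/24"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
]

if __name__ == "__main__":
    for finding in non_alb_ingress(SAMPLE_GROUPS, ALB_SG):
        print("not ALB-only:", *finding)
```

An empty result means every non-ALB group accepts traffic only from the load balancer's group; each returned tuple is a rule to remove or justify.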
Results
"We went from paper and spreadsheets to five production applications in months. When we got hit by a cyberattack, Raven CS had everything locked down and running within hours — we didn't lose a single record." — Operations Director, Logistics Company