Tyler Wengerd

Senior Cloud Architect I

"Tenacious"

he/him

Cloud Architect with 10+ years of cloud expertise, both on AWS and GCP. Focused on security, networking, and IaC.

When I'm not at work, you might find me riding my bicycle or playing the ukulele (not simultaneously).

Security
Networking
AWS
GCP

My Certifications

AWS Certified Advanced Networking – Specialty
AWS (last renewed/obtained: Jun 17, 2024)
Expires Jun 17, 2027
AWS Certified Developer – Associate
AWS (last renewed/obtained: Sep 16, 2024)
Expires Sep 16, 2027
AWS Certified DevOps Engineer – Professional
AWS (last renewed/obtained: Sep 16, 2024)
Expires Sep 16, 2027
AWS Certified Security – Specialty
AWS (last renewed/obtained: Apr 15, 2024)
Expires Apr 15, 2027
AWS Certified Solutions Architect - Associate
AWS (last renewed/obtained: Aug 15, 2015)
Expires Jul 13, 2026
AWS Certified Solutions Architect - Professional
AWS (last renewed/obtained: Aug 12, 2017)
Expires Jul 13, 2026
AWS Certified SysOps Administrator - Associate
AWS (last renewed/obtained: Sep 16, 2024)
Expires Sep 16, 2027
AWS Partner: Accreditation (Technical)
AWS (last renewed/obtained: Aug 25, 2025)
Expires Aug 25, 2028
Google Cloud Professional Cloud Architect
Google (last renewed/obtained: Dec 5, 2025)
Expires Dec 5, 2027
Google Cloud Professional Cloud Security Engineer
Google (last renewed/obtained: Sep 26, 2025)
Expires Sep 26, 2027
Hashicorp Certified Terraform Associate
Hashicorp (last renewed/obtained: Feb 21, 2025)
Expires Feb 21, 2027
Hashicorp Certified Terraform Authoring and Operations Professional
Hashicorp (last renewed/obtained: Feb 21, 2025)
Expires Feb 21, 2027

What my customers say

5.0/ 5across 13 reviews customers left for me in the last 90 days

Excellent support from do it

lit-transit.com · Apr 2026

The AWS response made sense to stop the bad actor by locking the account down, but it applied to all users, and we had no way to re-enable trusted users for example to begin recovery, remediation, and forensics. While we hope to not encounter this scenario this way again, it's also true that the AWS response could have made things worse in that we would not have had any options to mitigate a worse breach other than begin to shut down our AWS services to halt an unknown in-progress actor, and generally further lock things down to eventually rebuild, causing undue harm to the business.

going.com · Jun 2025

I wanted to express my sincere appreciation for the exceptional support regarding the 503 errors we encountered. Your thorough investigation and prompt responses provided us with immense peace of mind, clarifying the independent operation of CloudFront's DDoS protection and its ability to block suspicious requests before they reach the WAF. Your detailed explanations were incredibly helpful in understanding the situation, and we are truly grateful for your ongoing vigilance and proactive assistance.

leadtech.com · Jun 2025

1 / 15

What I'm writing

Get my new posts in your inbox →

What I've open-sourced

Browse all my contributions.

Frequently asked
questions

What do you do at DoiT?

I'm part of an elite team of engineers who help solve problems for DoiT customers. I have years of security and networking experience on AWS and GCP, so I tend to focus on those topics. For example:

- Run security assessments
- Triage security incident investigations
- Architect network and DNS designs
- Troubleshoot permissions issues
- Test out new features and services

Overall, though, I'm here because I like working with people and I like solving problems. If you're a person with a problem (who isn't?), maybe I can help.

I want to improve my security in AWS. Where do I start?

AWS has a Top 10 list here that I constantly reference. Beyond that, the list of tools never ends.

Want to learn more? We do security assessments all the time for DoiT customers, and I'd be happy to help you out. We also can automatically generate security insights for you!

I'm used to AWS (or GCP) and I'm trying to learn GCP (or AWS). What are some big differences?

One big difference I had to get used to is how they handle IAM:

- AWS IAM roles are similar to Google Cloud's Service accounts. Google's service accounts and AWS IAM role can both be assigned to resources to give them permissions.
- Google IAM roles are sets of permissions, similar to AWS IAM policies
- If you need external access to AWS from a service, traditionally you created an IAM user with an access key. Google allows you to create keys for service accounts. These days, IAM Roles Anywhere are recommended, instead of IAM users, to allow external service access to AWS.

I might add a non-network/security answer here eventually. Keep an eye out!

What is a JA4 fingerprint?

Wow, great question. I've written up a blog post about just that topic. Have a look and let me know if you have any questions or suggested improvements!

Terraform? CloudFormation? Something else?

I'm team Terraform (or OpenTofu) 95% of the time.

_{Disagree? That's okay – different strokes for different folks}

Do you like dogs?

I love dogs! (See the GIF FAQ below.) I also love cats. Most animals, really. Snakes and lizards are cool and I enjoy seeing them in the wild and in my yard. Goats seem like a lot of fun, but they need way more space than I have right now. But yeah, uh, dogs! Dogs are great.

What's your favorite GIF?

Got 53 minutes? Check out this episode of DoiT's Cloud Masters podcast:

_{pro tip: it's only 35 1⁄3 minutes if you do 1.5x speed}

Time zone not a fit?

I'm on US Eastern time, but sometimes you need someone closer. That's fine, everyone needs to sleep. Here are my esteemed colleagues across plenty of timezones, so you can find one who works with your schedule.

-12

-11

-10

-9

-8

-7

-6

-5

-4

-3

-2

-1

+10

+11

+12

+13

+14

UTC-8
6 FDEs
AWS Core Services×3AWS DevOps×2AWS Networking×2
+1
UTC-7
5 FDEs
AWS×2Networking×2AI×1
UTC-6
6 FDEs
AI×1Aurora×1AWS×1
+1
UTC-5
25 FDEs
AWS Core Services×5AWS DevOps×5AWS Security and Identity×5
+20
UTC
10 FDEs
AWS×3AI×2AWS Core Services×2
+5
UTC+1
21 FDEs
AWS×3BigQuery×3RDS×3
+16
UTC+2
13 FDEs
AWS Core Services×4AWS Databases×4AWS Networking×4
+8
UTC+8
2 FDEs
AgentCore×1Agentic AI×1Aurora×1
UTC+9
2 FDEs
AWS Core Services×2AWS DevOps×1AWS Networking×1
UTC+10
2 FDEs
AWS Kubernetes×1AWS Serverless×1Google Cloud DevOps×1
UTC+11
4 FDEs
AWS Databases×2AWS×1AWS AI/ML×1

We do awesome work!

Check our our stats.

Updated Jun 7, 2026, 5:00 AM

Customer satisfaction

Based on the last 28 days

Median first reply time

Urgent (P1)m
High (P2)m
Normal (P3)m
Low (P4)m

Top engagements by technology

Amazon RDS
Amazon EC2
Amazon Elastic Kubernetes Service (EKS)
Vertex AI platform
Cloud SQL

Completed engagements

All time

Open engagements

As of June 6, 2026

Unassigned requests

As of June 6, 2026

What customers are saying

I use Homebrew in a personal and professional basis.
Today
Quick and prompt response, in this case we had already taken the suggested steps, thanks!
Today
Clear explanations that give us a good head start.
Today
Joseph is excellent in clariying quesitons and understanding our concern with lot of patience.
Today
thanks for the quick answer
Today
thank you for your help
Today
Brian was very responsive and gave us to the point information on important business concerns. Thank you very much!
Today
Netanel investigated and confirmed that this is likely caused by CloudTrail. I found a similar post by someone within the last 24 hours pointing to CloudTrail.
Today
James helped answer my questions and reached out to AWS to confirm that active connections would not break during this process.
Today
It was an awesome interaction. All of the queries were being answered.
Today
Answer very clear
Today
Colette helped out and resolved our issue this solved a problem that could have had us running circles!
Today
Chabane was very diligent when resolving my case. They checked my aws account in depth and confirmed my mitigation was adequate while investigating an issue related to Fargate in the AZ where my ECS services run. Thanks!
Today
Diego gave the proper instructions and we could successfully proceed with his guidance
Today
Wayman reviewed my code and provided ideas to help improve the process.
Today
THhs is an AWS bug.
Today
I didn't get any response and found the issue myself.
Today
good
Today
The assistance provided was excellent, clear, helpful, and timely. Thank you!
Today
Brian responded quickly to my inquiry and was available to help if needed.
Today
I use Homebrew in a personal and professional basis.
Today
Quick and prompt response, in this case we had already taken the suggested steps, thanks!
Today
Clear explanations that give us a good head start.
Today
Joseph is excellent in clariying quesitons and understanding our concern with lot of patience.
Today
thanks for the quick answer
Today
thank you for your help
Today
Brian was very responsive and gave us to the point information on important business concerns. Thank you very much!
Today
Netanel investigated and confirmed that this is likely caused by CloudTrail. I found a similar post by someone within the last 24 hours pointing to CloudTrail.
Today
James helped answer my questions and reached out to AWS to confirm that active connections would not break during this process.
Today
It was an awesome interaction. All of the queries were being answered.
Today
Answer very clear
Today
Colette helped out and resolved our issue this solved a problem that could have had us running circles!
Today
Chabane was very diligent when resolving my case. They checked my aws account in depth and confirmed my mitigation was adequate while investigating an issue related to Fargate in the AZ where my ECS services run. Thanks!
Today
Diego gave the proper instructions and we could successfully proceed with his guidance
Today
Wayman reviewed my code and provided ideas to help improve the process.
Today
THhs is an AWS bug.
Today
I didn't get any response and found the issue myself.
Today
good
Today
The assistance provided was excellent, clear, helpful, and timely. Thank you!
Today
Brian responded quickly to my inquiry and was available to help if needed.
Today

Insights by human experts

Preventable cloud waste

All time

Realized cost savings

All time

Budgets tracked per customer

Avg. $36,837 risk per customer

Anomalies detected per customer

Avg. $56,548 risk per customer

Engagements by cloud provider (90d)

Amazon Web Services
Google Cloud
Azure

Security Insights per customer

As of June 6, 2026

FinOps Insights per customer

As of June 6, 2026

Managed cloud spend (3y)

As of June 6, 2026

Managed commitments

Total value of $4.71B as of June 6, 2026

AWS Certified Advanced Networking – Specialty

AWS Certified Developer – Associate

AWS Certified DevOps Engineer – Professional

AWS Certified Security – Specialty

AWS Certified Solutions Architect - Associate

AWS Certified Solutions Architect - Professional

AWS Certified SysOps Administrator - Associate

AWS Partner: Accreditation (Technical)

Google Cloud Professional Cloud Architect

Google Cloud Professional Cloud Security Engineer

Hashicorp Certified Terraform Associate

Hashicorp Certified Terraform Authoring and Operations Professional

JA3 and JA4 Fingerprints in AWS WAF and Beyond

Sharing Secrets in AWS Parameter Store

enigmango/bigip.space

enigmango/open-yale-courses-rss

Frequently askedquestions

Time zone not a fit?

We do awesome work!

Customer satisfaction

Median first reply time

Top engagements by technology

Completed engagements

Open engagements

Unassigned requests

What customers are saying

Insights by human experts

Preventable cloud waste

Realized cost savings

Budgets tracked per customer

Anomalies detected per customer

Engagements by cloud provider (90d)

Security Insights per customer

FinOps Insights per customer

Managed cloud spend (3y)

Managed commitments

Frequently asked
questions