Riskwolf is a global parametric insurance technology platform that requires production-grade, compliant infrastructure to serve institutional clients and government entities. To facilitate its expansion into the Indian market, Riskwolf partnered with Labyrinth Labs to design and manage a full cloud environment: a multi-region, GitOps-driven Kubernetes stack built to meet the nation’s strictest data residency and security regulations.
The Customer
If You Can Measure It, You Can Insure It.
Riskwolf operates as a pioneer in the data-driven insurance space. The company builds the digital infrastructure for parametric products that pay out based on measurable, pre-defined triggers, such as extreme weather events, natural catastrophes, or any trusted or measurable event, rather than traditional, high-friction loss assessments.
The Riskwolf platform is designed to be: Simple. Reliable. Fast. To maintain this standard at scale, the underlying infrastructure must:
- Ingest and process massive volumes of weather and geospatial data in near-real-time.
- Execute complex parametric calculations via advanced workflow engines.
- Support a multi-tenant SaaS environment with full regulatory compliance across diverse jurisdictions.
The Challenge
As Riskwolf expanded into India, the team faced a set of interconnected infrastructure and compliance challenges that could not be solved by a generic cloud approach. The India deployment was fully greenfield: no existing environment, no DevOps team in place, and a hard deadline driven by contractual obligations.
Technical challenges:
- Multi-region Resilience: The platform needed active-passive failover between AWS Hyderabad [primary] AWS Mumbai [secondary] automatic data replication and minimal RTO/RPO.
- Data Sovereignty: All data processing, storage and logging had to remain within Indian territory, a hard regulatory requirement for the UNDP engagement.
- Security & Auditability: Logs had to be retained for 180 days in WORM [Write Once, Read Many] storage, with automated CERT-In 6-hour critical incident reporting and 72-hour personal data breach notifications.
- Scalable Data Ingestion: Structured file ingestion via HTTPS and large technical bulk transfers directly to S3, with strict per-customer isolation and append-only storage semantics.
- Business Impact: Without solving these, the contract would not meet the enterprise-grade SLA requirements.
Why Labyrinth Labs?
The cloud-native platform LARA [Labyrinth AWS Reference Architecture] provided Riskwolf with a battle-tested, opinionated foundation for multi-account AWS environments, pre-validated Terraform modules, EKS cluster configurations, GitOps pipeline patterns, and multi-account AWS Organizations design. This dramatically reduced time-to-production while ensuring architectural best practices were embedded from day one. Combined with a hands-on, architect-led delivery model and a willingness to take on the ongoing managed service responsibility, Labyrinth Labs was the clear fit.
Technology Stack
- Cloud & Infrastructure: AWS EKS (Managed Kubernetes), Amazon RDS (PostgreSQL), and Amazon MSK (Kafka).
- Provisioning & CI/CD: Terraform for Infrastructure as Code (IaC), ArgoCD for GitOps, and Helm for application packaging.
- Job Orchestration: Argo Workflows
- Observability: Prometheus and Grafana for real-time monitoring, ensuring transparency into platform health and performance.
What We Did
- Labyrinth Labs acted as Riskwolf's full platform engineering function, from architecture design through delivery and into ongoing managed operations. There was no handoff: we built it and we continue to run it.
- LARA as the foundation. Rather than starting from scratch, the team applied the LARA framework to accelerate delivery. Pre-validated modules for EKS, multi-account AWS Organizations, VPC design, and GitOps pipelines meant engineering effort was focused on Riskwolf-specific requirements compliance, data ingestion, and parametric workload patterns rather than rebuilding foundational components.
- Key design decisions:
- Active-passive multi-region: Hyderabad as the live traffic region, Mumbai as a cold standby, balancing cost efficiency with fast failover for UNDP's demanding SLA requirements.
- Data residency by design: All compute, storage, and network components deployed within AWS India regions. S3 Object Lock [WORM] applied to audit logs to satisfy CERT-In and Data Protection Board requirements.
- Multi-tenant data isolation: Per-customer S3 prefixes with granular IAM policies enforce strict data silo separation, a hard requirement for UNDP's multi-organization data ingestion workflow.
Outcomes
Infrastructure & Availability:
- Production-grade, multi-region AWS environment delivered from zero on time for the UNDP contract deadline
- Active-passive architecture across two AWS regions with automated data replication and health-checked failover
- Three-AZ redundancy in the primary region eliminating single-datacenter risk
Compliance & Security:
- Full data residency compliance all compute, storage, and logging within Indian territory
- 180-day WORM log retention with S3 Object Lock, satisfying CERT-In and Data Protection Board requirements
- Automated CERT-In 6-hour critical incident alerting and 72-hour personal data breach notifications operational at launch
- Security architecture validated and documented for biannual third-party audit requirements
Business & Team Impact:
- Riskwolf's engineering team fully freed from infrastructure operations focused entirely on product development
- Scalable foundation in place to onboard additional institutional clients without re-architecting
From the start, they showed extensive know-how and industry expertise. They offered solutions that were smart and practical, helping us work better and faster.
Future Steps
Riskwolf deepens the collaboration with Labyrinth Labs as its long-term managed service partner for platform operations and incident response. This partnership ensures that Riskwolf’s parametric engine remains the "golden source" for global risk settlement, maintaining its reputation for being Simple. Reliable. Fast.
