A casino analytics company employs a team of analysts who build recommendation models and guest-worth predictions. To do their work, they need data from each customer's on-premise database.
The old process: email the customer, explain what data is needed, and wait. Turnaround was often weeks. Some customers didn't have the technical ability to generate the exports at all. Analysts spent more time chasing data than analyzing it.
The Solution
I built a platform that connects directly to each casino's database through secure SSH tunnels, extracts and normalizes the data automatically, and makes it available on demand. Analysts no longer need to involve the customer at all.
The system handles the full lifecycle: secure connectivity, data extraction on a schedule, transformation into a consistent format, and a fast API layer for the analytics team and frontend applications.
How It Works
Secure tunnel gateway — A Rust service that manages SSH tunnel registrations for each casino client. Each client gets their own SSH key and isolated port, with strict restrictions enforced at the server level. No shared credentials, no open ports.
ETL pipelines — Temporal workflows connect to remote SQL Server databases through the tunnels, extract guest gaming data (play history, ratings, spending patterns), transform it through DuckDB as an intermediate layer, and load it into PostgreSQL. Processing is incremental and date-aware — only new data gets pulled on each run.
Algorithm dispatch — Once fresh data lands in PostgreSQL, Temporal activities automatically clone and execute Python analysis scripts for each casino. These run recommendation models and guest future-worth predictions, keeping results up to date without manual intervention.
Multi-tenant API — An Axum-based Rust backend serves the processed data to frontend applications. Each tenant has isolated database access, authenticated through OAuth2 via AWS Cognito. The API includes auto-generated documentation for the frontend team.
Cloud infrastructure — The full stack runs on AWS: Cognito for authentication, RDS PostgreSQL for data storage, and security hardening throughout. The tunnel gateway runs on a dedicated instance with locked-down SSH configuration.
The Result
Analysts now have on-demand access to every customer's data. No emails, no waiting, no dependency on the customer's technical capabilities. The team can focus entirely on building better models and delivering insights.