Deployment options

You can deploy Piiano Vault as a cloud-based host solution managed by Piiano or self-managed as a cloud or on-premises deployment. This page provides details of the differences between these options.

	Vault SaaS	Vault self-hosted
Infrastructure	Vault runs on the AWS infrastructure.	Vault runs in your chosen cloud or on-premises.
Setup and maintenance	Piiano manages the configuration, maintenance, upgrades, and patching of the Vault infrastructure.	Setup terraform and other technologies are provided. You are responsible for the installation and upgrades.
Customization and control	You control all the application settings. Piiano controls the system settings, e.g., ports, KMS configuration, and advanced configuration, such as anti-tampering settings.	You have complete control of all configurations using environment variables and configuration files.
Data security and compliance	The service is SOC2 certified. Isolation and network segregation are provided.	You manage network segregation and isolation.
Data residency	Residency requirements, such as GDPR/CCPA, are achieved by selecting the appropriate region for operation	Vault complies with GDPR/CCPA and PCI when deployed as recommended.
Scaling and performance	Auto scales to hundreds of requests per second.	When provided with appropriate hardware, the application scales to thousands of requests per second.
Latency	Additional latency on top of the self:hosted: From AWS within the same region, under 10ms From AWS within the same continent, under 50ms From GCP/Azure within the same continent, under 100ms From anywhere in the world, up to hundreds of ms	Under 10ms for 95th percentile latency when running in your cloud environment,
SLA	Excluding maintenance windows, allow for around 40 minutes of downtime per month. See Vault's SLA for more details.	24/7 response within 1 hour for business-critical issues.
Support	Proactive monitoring by Piiano. Alerts and auto-scaling are provided. 24/7 response to handle all aspects of the deployment.	The support team works with you on critical issues. If permission is provided we can investigate logs and stack traces remotely. In addition, you get: Logs and audit trail. Troubleshooting tools.
Backup	Point-in-time recovery is divided, with a 5-minute time window. Backups are kept for 7 days.	Use AWS, GCP, or other providers’ database backups. You manage these backups.