Skip to main content

Deployment options

You can deploy Piiano Vault as a cloud-based host solution managed by Piiano or self-managed as a cloud or on-premises deployment. This page provides details of the differences between these options.

Vault SaaSVault self-hosted
InfrastructureVault runs on the AWS infrastructure.Vault runs in your chosen cloud or on-premises.
Setup and maintenancePiiano manages the configuration, maintenance, upgrades, and patching of the Vault infrastructure.Setup terraform and other technologies are provided. You are responsible for the installation and upgrades.
Customization and controlYou control all the application settings. Piiano controls the system settings, e.g., ports, KMS configuration, and advanced configuration, such as anti-tampering settings.You have complete control of all configurations using environment variables and configuration files.
Data security and compliance
  • The service is SOC2 certified.
  • Isolation and network segregation are provided.
You manage network segregation and isolation.
Data residencyResidency requirements, such as GDPR/CCPA, are achieved by selecting the appropriate region for operationVault complies with GDPR/CCPA and PCI when deployed as recommended.
Scaling and performanceAuto scales to hundreds of requests per second.When provided with appropriate hardware, the application scales to thousands of requests per second.
LatencyAdditional latency on top of the self:hosted:
  • From AWS within the same region, under 10ms
  • From AWS within the same continent, under 50ms
  • From GCP/Azure within the same continent, under 100ms
  • From anywhere in the world, up to hundreds of ms
Under 10ms for 95th percentile latency when running in your cloud environment,
SLAExcluding maintenance windows, allow for around 40 minutes of downtime per month. See Vault's SLA for more details.24/7 response within 1 hour for business-critical issues.
SupportProactive monitoring by Piiano. Alerts and auto-scaling are provided. 24/7 response to handle all aspects of the deployment.The support team works with you on critical issues. If permission is provided we can investigate logs and stack traces remotely.
In addition, you get:
  • Logs and audit trail.
  • Troubleshooting tools.
BackupPoint-in-time recovery is divided, with a 5-minute time window. Backups are kept for 7 days.Use AWS, GCP, or other providers’ database backups. You manage these backups.