Aiven offers multiple deployment options from fully managed access over the public internet to subnet deployments under your own cloud account. Here is a description of the different options.

Public Access

Self-service

Allowing public access to a service is the most popular for testing, just getting started, or non-regulated industries. You can feel confident with this approach by relying on industry standard client authentication, authorization, and encryption. Remember that all services can be protected with IP Allow Lists to limit client connections. All services and infrastructure are single tenant and dedicated solely to a single customer.

Virtual Private Cloud Peering

Self-service

Aiven services can be deployed into a dedicated regional Virtual Private Cloud (VPC). Note that all services can additionally be protected with IP Allow Lists to limit client connections. All services and infrastructure are single tenant and dedicated solely to a single customer; this includes the VPN and all servers.

This approach can also be paired with VPN, or other network connections, from on-prem data centers to create a hybrid environment.

Virtual Private Cloud Peering with Public Access

Self-service

At times you will want to expose certain services, sub-services, or endpoints publicly. Aiven offers granular control over private and public endpoints. You can find the public_access.* settings in the Overview => Advanced configuration section of a service.

Bring Your Own Account - BYOA

Contact Sales for Quote and Setup Instructions

For the greatest control over security and network segregation you can work with Aiven to deploy services directly into your cloud account. This requires creating a customer IAM role that has specific VM/Compute and Networking privileges specific to the target cloud and setting up firewall rules to allow communication to the Aiven management plane. You can get more information in the BYOA help article.

Contact sales@aiven.io for more information.

Did this answer your question?