When you deploy your Vespa application on Vespa Cloud, all cloud resources needed to run your application will be automatically provisioned with the cloud provider you chose, and you don’t have to be concerned with the details of setting up your account with the provider, the lower level network settings, and so on. For most uses of Vespa, this is absolutely perfect and just how it is supposed to work.

There are cases, though, where larger applications can have specific requirements in terms of network connectivity with other in-house services deployed with the cloud provider or some other policy requirements demanding all their workloads to run in their own accounts with the cloud provider.

Today, we are pleased to announce a new capability of Vespa Cloud that allows you to have your Vespa application run inside your own accounts and projects in AWS and GCP. After granting the initial access to your account, Vespa Cloud resources are seamlessly provisioned and managed by the same automation that runs Vespa Cloud, but hosted in an AWS account or GCP project controlled by you.

Enclave is a premium feature, available to customers with a minimum spend - see the pricing calculator for details. Vespa Cloud Enclave is great for applications with specific requirements for control over data and requests, or committed spends with cloud providers.

With Vespa Cloud Enclave, applications can be hosted within private networks (VPCs) configured inside your cloud account. You specify inside your application package in which account or project your Vespa Cloud deployments should be hosted and whether you want the same for all deployments, or use different accounts/projects for different deployments.

After working with the Vespa Cloud support team to onboarding you as an Enclave application, bootstrapping your account is quickly done with our provided Terraform modules, making it easy for you to inspect the resources and policies needed to host Vespa Cloud Enclave. This provides full transparency into the interactions between Vespa Cloud and your cloud accounts, while little to no work is required before deploying your first Vespa Cloud Enclave application.

To get started, contact support for a conversation about your Enclave integration needs.