Getting started with Vespa Cloud Enclave in AWS

Vespa Cloud Enclave builds on top of some tooling that it is necessary to become familiar with before getting started. Terraform is especially important, and understanding the basics is necessary. Going through a tutorial for AWS will help.

Getting started

Setting up Enclave in your account requires:

  1. Registration of the AWS account in Vespa Cloud
  2. Running a Terraform configuration to provision necessary AWS resources in the account
  3. Deployment of a Vespa application.

1. Onboarding

Contact stating which tenant should be on-boarded to use Vespa Cloud Enclaves. Also include the AWS account ID to associate with the tenant.

Note: We strongly recommend dedicated accounts to use for your Vespa Cloud Enclaves. Resources in these accounts will be fully managed by Vespa Cloud.

2. Configure AWS Account

The same AWS account used in step one must be prepared for deploying Vespa applications. Use Terraform to set up the necessary resources using the modules published by the Vespa team.

A minimal example can be found in the GitHub repository.

If you are unfamiliar with Terraform: It is a tool to manage resources and their configuration in various cloud providers, like AWS and GCP. Terraform has published an AWS tutorial, and we strongly encourage Enclave users to read and follow the Terraform recommendations for CI/CD.

3. Deploy your Vespa application

By default all applications are deployed on resources in Vespa Cloud accounts. To deploy in your Enclave account, updatedeployment.xml to reference the account used in step 1.

<deployment version='1.0' cloud-account='aws:123456789012'>

Production deployments

When deploying to production zones in a tenant controlled AWS account, beware that system tests and staging tests can run in either in the tenant account or in Vespa Cloud’s account. If running tests in the tenant account is desirable, test and staging zones must also be provisioned in step 2 in the Onboarding guide.

See the multi-region example for details.