Maxim Logo

Zero Touch Deployment

This guide outlines Maxim's zero-touch deployment process, covering infrastructure components, security protocols, and supported cloud providers.

Zero Touch Deployment is designed for organizations that require the highest level of security and privacy. This deployment option ensures that your data remains within your infrastructure, with no data exchange occurring with Maxim's cloud services.

Setup Requirements

  • ✅ Google Cloud Project or AWS sub-account
  • ✅ Credentials attached to [email protected] email address
  • ✅ Admin access to the Google Cloud Project or AWS sub-account
  • ✅ Domain name/subdomain for generating SSL certificates and serving Maxim app

Deployment Process

  • We deploy the data plane and application plane in the same VPC.
  • We create a cloud provider-specific Docker image repository for storing all images.
  • We use Tailscale for secure communication between the central CD pipeline and the application plane.

Release Cadence

  • We release new versions every week, combining all fixes and features released in the previous week's cloud offering.
  • For security vulnerabilities, we release a patch within 24 hours.
  • For critical vulnerabilities, we release a patch within 1 hour.

Observability

  • We use a shared Sentry instance to track errors and exceptions.
  • We use a shared Prometheus + Grafana instance to track metrics.
  • Customers receive access to Sentry projects and Grafana dashboards for audit and monitoring purposes.

Security Measures

  • All service account keys are rotated at least every 90 days.
  • Access to the shared Google Cloud Project or AWS sub-account is limited to the [email protected] email address.
  • 2FA is required for accessing the shared Google Cloud Project or AWS sub-account.
  • We enable cloud provider-specific security features and share the audit every 60 days (example dashboard).

security2

SLAs

  • 99.9% uptime.
  • < 5 minutes response time (acknowledgment) for incidents.
  • < 48 hours resolution time.

Support

  • We provide 24/7 support for any issues that may occur during the deployment process.
  • We also offer 24/7 support for any issues that may arise during service operation.
  • We assign a dedicated support engineer to each account to address any issues that may occur during the deployment process and operation.

Previous

Overview

Next

Data plane deployment

On this page