Skip to content

Solution Idea: Managed Service

Jump to bottom
Kyle Kamperschroer edited this page Jan 26, 2016 · 1 revision

What is it?

A managed solution. Users land on a main web site where they can deal with all the high level components. Vaults can be deployed, managed and clustered all from this site. The same interface can provide billing estimates, invoices, and payments, and even a demo of the Vault interface.

Deploying of Vaults to the users environments would need them to grant access to building servers and remotely accessing servers in their desired environment. This could be AWS, Azure, Digital Ocean, etc.

What are the advantages of this solution?

  • The customers secrets are stored in their datacenters behind their firewalls and in their environment.
  • Ansible scripts for building and setting up software (like Vault) in different environments are easy to come by.
  • A unified landing page for dealing with payments, documentation, demos, etc helps eliminate confusion and allow customers to try before buying.

What are the disadvantages of this solution?

  • It's a managed solution. 24/7 support is part of the reason customers would buy this solution, and that's a lot of work.

Why would a customer like this solution?

  • They get great support and the comfort of having someone to help if the Vault cluster goes down or gets sealed.
  • A main website makes it easy to find the documentation necessary
  • A demo lets them gain confidence in the solution before purchasing

Why would customers dislike this solution?

  • Externally managed service dealing with secrets feels risky. Trust is key.
  • Make it technically impossible for barriers to be breached.

What are the high-level components to this solution?

  • The Main Site
    • Landing page
    • Demo
      • Single instance Vaults in containers for users to test-drive
    • Sign up
    • Billing/invoicing
    • Payments
    • Documentation for all types
      • Developer targeted docs
        • Links to Vault clients for different languages
        • Vault API documents
      • Auditor targeted docs
    • Support Chat and Phone Numbers
  • The Vault UI
    • Static site deployed along side Vault binaries
    • Used for simplified interaction with actual Vault
  • Opt-out phone-home reporting component
    • Anonymous usage stats
  • Deployment Components
    • Ansible playbooks for each world

What would an MVP require?

The see-if-people-would-want-this MVP (goals for April demo)

  • The landing page providing high-level info
  • A demo (useful for learning more)
  • A signup for mailing list to get updates page
  • An MVP of the Vault UI (used in the demo)
  • Ansible playbooks for deploying single instances to a container and the demo world

The pieces to make it a real MVP

  • The deployment piece to AWS (others can be added layer)
  • The opt-out phone home reporting component
  • Real user sign-up process
  • Billing, invoicing, and payments through Stripe
  • Technical overview to gain dev trust
  • Links through to Vault docs
  • Support portal
Clone this wiki locally