Guides
Start typing to search…

Deploy on AWS

Deployment of Virtual Signer on your own Amazon Web Services account

To generate a full stack to run on AWS via Cloudformation, click the button below. This will redirect you to the AWS console for a quick installation.

Steps

  1. Once loaded the template into the AWS console, validate the template is correct, review the Infrastructure and press Next.

  2. On Step 2, there are parameters that will have to be set. Double check the parameters and press Next to Step 3 once complete.

    (Note: The parameter names have a suffix of an ID which you can ignore.)

    1. AuthClientId - Your API Key Client ID. Obtain this from the Dashboard.
    2. AuthClientSecret - Your API Key Client Secret. Obtain this from the Dashboard.
    3. OrganisationId - Your organisation ID - reach out to Customer Office or your Sales rep for this.
    4. ApprovalMode - Choose which Approval Mode you want to configure your virtual signer for
      1. AlwaysApprove - Approve every request with no policy checks.
      2. SmartContract - Use an on-chain smart contract to decide whether to approve or reject.
        1. If smart contract is selected, you must also enter:
          1. ApprovalRpcNodeAddress - The JSON-RPC URL of the EVM-compatible blockchain node that you intend to upload your contract on to.
          2. ApprovalSmartContractAddress - The address of the smart contract, i.e. 0x0000.... (Check here for details and examples.)
      3. API - Use your own API to decide whether to approve or reject.
        1. ExternalReshareApprovalUrl - URL that is called for vault approvals and reshares. (Check here for details and examples.)
        2. ExternalTransactionApprovalUrl - URL that is called for transaction approvals and reshares. (Check here for details and examples.)
        3. ApprovalHttpPublicKeyHex - Certificate key to validate API calls to the API approver backend.

  3. Acknowledge the Cloudformation template and click Next to the Final Review Page

  4. Submit the Wizard and wait for Cloudformation to deploy the stack.

For a comprehensive overview of the AWS infrastructure architecture, including security features, multi-tenant isolation, and technical components, see the AWS Architecture documentation.

Costs

Resource ComponentConfiguration AssumptionEstimated Monthly Cost (USD)
EC2 Instance1 c6a.large instance, running 24/7 with AMD SEV-SNP enabled.$63.29
NAT Gateway1 NAT Gateway, running 24/7 (hourly fee)$39.42
CloudWatch Logs10 GB data ingested & stored per month$7.93
AWS KMS1 Customer-Managed Key$1.00
EBS Storage1 x 8 GB GP3 volume for the instance$0.77
Secrets Manager1 secret stored$0.40
Amazon S3Negligible storage and requests~$0.03
Variable Data CostsSee notes belowVariable
Total Estimated Cost(Excluding variable costs)~$112.84

Updated 9 days ago