Deployment Specifications

High-level Deployment Networking Diagram

Recommended Service and Infrastructure Sizing

Here is a comprehensive list of Institutional Vault AWS-recommended services and infrastructure sizes:

Service Name	Resource Type	CPU Cores	Memory (GB)	AWS Specification
Wallet service	microservice container	1	1	container
Message Broker	microservice container	0.5	0.5	container
MPA Policy-nodes (x3)	virtual machine instance	4	16	m5.xlarge
Relational Database	database PaaS	2	4	t4g.medium

Deployed AWS Infrastructure Components

The CDK long-lived, wallet, and Policy Node stacks provision these AWS services and supporting infrastructure:

Supporting service	Technology
Infrastructure deployment	CDK / CloudFormation
Certificate management	ACM
Container orchestration	ECS (Fargate)
Policy Node compute	EC2
Confidential computing	Nitro Enclaves
Secrets management	Secrets Manager
Key management	KMS
Database management	RDS (PostgreSQL)
DNS management	Route 53, Cloud Map
Monitoring and logging	CloudWatch
Software distribution	ECR
Network isolation and management	VPC
Load balancing	Application Load Balancer (ALB)
Content delivery	CloudFront
Object storage	S3
Shared file storage	EFS
Log export	Lambda
Web application firewall	WAF (optional IP allowlist)

Authentication uses your customer OpenID Connect identity provider (OAuth/OIDC). The wallet integrates with that IdP; Blockdaemon does not provision the IdP in your AWS account.

Service Limits and Quotas

You don't need to request any limit increases for default Service Quotas when using the Automated AWS deployment tooling.