Private Cloud AI — Deploy in Your VPC
A dedicated Zedly AI environment running inside your own AWS or Azure VPC. Network isolation via PrivateLink. No data on the public internet. Ever.
Who It's For
Organizations that need private AI but can't put data on shared infrastructure.
Key Capabilities
Everything in Zedly Cloud, plus full network isolation inside your perimeter.
Network Isolation
Deployed inside your VPC with PrivateLink endpoints. All traffic stays within your cloud perimeter — nothing traverses the public internet.
Customer-Managed Keys
Bring your own encryption keys via AWS KMS or Azure Key Vault. You control the key lifecycle — rotate, revoke, or audit at any time.
GovCloud & Azure Gov
Deploy into AWS GovCloud or Azure Government regions for FedRAMP-aligned environments and data sovereignty requirements.
Single-Tenant Architecture
Your own dedicated compute, storage, and vector database. No shared resources with other customers.
Audit & Compliance
Full audit logging of document access, queries, and exports. Logs stay in your environment and can forward to your SIEM.
No-Training Guarantee
Same contractual no-training policy as cloud. Your data never leaves your VPC to train or improve any model.
How Deployment Works
We handle the deployment. You control the environment.
Scope & Plan
We review your VPC setup, security requirements, and compliance needs. You approve the architecture.
Deploy via PrivateLink
Zedly AI is deployed into your VPC with PrivateLink endpoints. No public IPs, no internet exposure.
Configure & Test
Set up RBAC, encryption keys, retention policies, and SSO. Run acceptance tests in your environment.
Go Live
Your team starts using Zedly AI. We provide ongoing support, updates, and monitoring within your perimeter.
Security Controls
All cloud controls plus VPC-specific isolation and key management.
Cloud vs. VPC vs. Air-Gapped
Pick the deployment that matches your risk tolerance.
| Cloud | VPC (This Page) | Air-Gapped | |
|---|---|---|---|
| Infrastructure | Managed by Zedly | Your AWS/Azure VPC | Your hardware |
| Network | Public internet (TLS) | PrivateLink only | No internet |
| Encryption Keys | Zedly-managed | Customer-managed (BYOK) | Customer-managed |
| Updates | Automatic | Managed, your approval | Offline media |
| Best For | Speed, low friction | Regulated industries | Gov/Defense, no-egress |
Other Deployment Options
Frequently Asked Questions
What cloud providers do you support?
AWS and Azure, including GovCloud and Azure Government regions. We deploy into your existing VPC using PrivateLink for network isolation.
Does any data cross the public internet?
No. All traffic between your users and the Zedly environment flows through PrivateLink endpoints within your VPC. No data traverses the public internet.
Can we use our own encryption keys?
Yes. Customer-managed encryption keys (BYOK via AWS KMS or Azure Key Vault) are available on enterprise VPC plans. You control the key lifecycle.
How is this different from air-gapped deployment?
VPC deployment runs in your cloud environment with network isolation but still has controlled connectivity for updates. Air-gapped deployment runs on your physical hardware with zero internet dependency. Choose VPC if you trust your cloud provider; choose air-gapped if nothing can leave your facility.
Ready to Deploy AI in Your VPC?
Talk to our team about VPC deployment, network architecture, and security requirements for your environment.
Talk to Sales