Machine Configuration
When deploying Polaris through the Microsoft Azure and Google Cloud Marketplace offers, you will be asked to perform standard configuration for the underlying resources, such as region, CPU and memory resources, networking, and identity. The respective cloud provider's standard interface is used for this configuration. For details, refer to the section specific to your cloud provider below.
Google Cloud
For deployment on Google Cloud, you need to provide the following configuration:
- Deployment Service Account: Specify the account used to deploy the infrastructure resources. You can create a new service account with the required permissions or use an existing one.
- Zone: Select the zone where the VM will be created. Please note any restrictions.
- Machine Type: Choose the machine type that fits your workload requirements. Refer to the restrictions on machine types that support Confidential Computing. Machines from the N2D family are recommended.
- Boot Disk: Configure based on the requirements of your workload.
- Networking: Set up the network interface and VPC according to your needs.
- Firewall: Configure firewall rules to make the VM accessible from the internet if required. Alternatively, you can place the VM behind a load balancer or VPN.
Currently, the VM uses the default compute service account. This will be configurable in future versions.
If you need additional machine configuration, please get in touch.
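An added example, not part of the Polaris documentation or tooling: a post-deployment check of the Google Cloud settings listed above, run over the JSON that `gcloud compute instances describe --format=json` returns. The sample instance, its project, names and IP address are constructed, and treating an external IP or the default service account with the `cloud-platform` scope as items to review is an assumption of this example.

```python
import json

# Constructed sample, shaped like `gcloud compute instances describe --format=json`
# output. Project, zone, names and addresses are placeholders, not from the page.
SAMPLE_INSTANCE = json.loads("""
{
  "name": "polaris-vm-example",
  "machineType": "https://www.googleapis.com/compute/v1/projects/example-project/zones/europe-west4-a/machineTypes/n2d-standard-2",
  "confidentialInstanceConfig": {"enableConfidentialCompute": true},
  "serviceAccounts": [
    {"email": "123456789012-compute@developer.gserviceaccount.com",
     "scopes": ["https://www.googleapis.com/auth/cloud-platform"]}
  ],
  "networkInterfaces": [
    {"network": "global/networks/default",
     "accessConfigs": [{"name": "External NAT", "natIP": "203.0.113.10"}]}
  ]
}
""")

def audit_instance(inst):
    """Return a list of (check, ok, detail) tuples for one instance description."""
    findings = []
    machine = inst.get("machineType", "").rsplit("/", 1)[-1]
    family = machine.split("-", 1)[0]
    findings.append(("machine_family_n2d", family == "n2d", machine or "missing"))

    cc = inst.get("confidentialInstanceConfig", {})
    findings.append(("confidential_compute",
                     cc.get("enableConfidentialCompute") is True, str(cc)))

    # The page states the VM runs as the default compute service account;
    # flag it together with a broad scope so its IAM roles get reviewed.
    for sa in inst.get("serviceAccounts", []):
        is_default = sa.get("email", "").endswith("-compute@developer.gserviceaccount.com")
        broad = any(s.endswith("/auth/cloud-platform") for s in sa.get("scopes", []))
        findings.append(("sa_not_default_with_broad_scope",
                         not (is_default and broad), sa.get("email", "")))

    external = [ac["natIP"] for nic in inst.get("networkInterfaces", [])
                for ac in nic.get("accessConfigs", []) if ac.get("natIP")]
    findings.append(("no_external_ip", not external, ", ".join(external) or "none"))
    return findings

if __name__ == "__main__":
    for check, ok, detail in audit_instance(SAMPLE_INSTANCE):
        print(f"{'PASS' if ok else 'REVIEW':6} {check}: {detail}")
```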
Deployment through Terraform
If you prefer deploying Polaris using Terraform, you can download the Terraform configuration files from the deployment page and integrate them into your environment. Select the "Command Line Deployment" option to access the files.
Azure
To deploy Polaris on Azure, you first need to choose a plan. The plan determines the number of CPUs available for the client workload (the Polaris Proxy has separate infrastructure). Options include 1, 2, or 4 vCPUs per container (refer to ACI restrictions). Once selected, configure your managed application with the following parameters:
- Subscription: Specify the subscription where the resources will be created.
- Resource Group: Define the resource group where the resources will be created.
- Region: Select the region where the resources will be created.
- Memory: Set the memory allocation for the client workload (refer to ACI restrictions).
- Managed Identity: Choose to create a new managed identity or use an existing one.
For further container configuration or to use Terraform for your deployment, please get in touch.