Your AWS/Azure Account
Add extensibility and heightened control to your blockchain network by optionally integrating a node with native AWS and Azure services, all managed and configured within your own organizationally-controlled cloud suite. Services include key management, log streaming, backups and private data routing. Additionally, Kaleido logins can be delegated to existing directory services and identity providers for customizable user management.
Using Cloud Integrations
Key Management Integration adds a further layer of security to a node’s private signing materials by encrypting any sensitive keys with a master encryption key controlled by the node owner. Kaleido stores only the signing key cipher text and a single auditable decryption call is sent to the AWS Identity Access Management service when the node needs to initialize.
Advanced Private Networking with a Virtual Private Cloud (VPC) PrivateLink endpoint allows for the Kaleido network to be accessed privately outside of the public internet. Leveraging a node’s private communication layer via PrivateLink ensures that any business critical or sensitive traffic never leaves the AWS backbone. Nodes can be configured with a hybrid ingress (public and private) allowing for users to partition any incoming data streams in accordance with their organizational and consortia mandates.
Node and Service backups perform a snapshot backup into an S3 bucket provide an added layer of ledger persistence and give owners full access to a node’s ledger and key materials. Users can orchestrate workflows to call the /backup API on configured intervals or manually extract the node data on a periodic basis.
Log Streaming injects realtime node logs into Cloudwatch, the popular monitoring and management service. Combine the node logs alongside existing applications and business processes to quickly diagnose errors, improve performance and/or gain additional insights.
Federated Login via a Kaleido Enterprise Organization allows for Kaleido admins to customize and fully-manage the “front door” into their Kaleido Org via an integration with Amazon Cognito. Admins and end users alike will only be able to authenticate to Kaleido via the configured identity management system. As such, a Kaleido admin can weave their Kaleido instance with existing user registries and trusted authentication schemes.