Get Started with CloudCheckr's Self-Hosted Product

Security and data privacy concerns often make Software-as-a-Service (SaaS) models unrealistic for many enterprise or public sector customers. These organizations recognize the benefits of using AWS, but sometimes struggle with the feasibility of third-party data access.

Our self-hosted Amazon Machine Image (AMI) product launches CloudCheckr in a virtual private cloud (VPC) where your data and security are completely protected.

Read on to learn more about the versions of the self-hosted application that CloudCheckr offers.


The All-In-One Version

The All-In-One (AIO) is the easiest to set up because you only need to configure one Elastic Compute Cloud (EC2) instance which contains all the necessary components:

  • a Web Console where you will log in to and use the application
  • the Scheduler and workers—the background processes that collect and store your AWS data
  • an Elastic Block Store (EBS) volume—the Microsoft SQL® server database that stores your data
  • an IAM role—the AWS identity that allows you to connect to your AWS account(s)

Click a link to access one of our AIO guides:


The Multi-Tiered Commercial Version

The Multi-Tier – Commercial (MT – COMM) is well-suited for customers who need a scalable architecture for larger cloud deployments.

Although the configuration is a bit more complex, it allows customers to spread their workload across multiple servers for greater stability.

You will need to configure three EC2 instances:

  • an EC2 instance for the Web Console, where you will log in to and use the application
  • two EC2 instances, one for the Scheduler and one for the Workers, which are the background processes that collect and store your AWS data

In addition, you will need to configure:

  • an RDS database—a Microsoft SQL ® server database that stores your data
  • an S3 bucket—the private S3 bucket that houses encryption keys and other storage data
  • IAM role(s)—the AWS identities that allow you to access your S3 bucket and AWS account(s)

Click a link to access one of our MT – COMM guides:


The Multi-Tiered Intelligence Community Version

The Multi-Tier – Intelligence Community (MT – IC) is geared toward customers who cannot operate in the public internet but still require a scalable architecture for larger cloud deployments.

In the MT – IC version, the self-hosted application resides on a cluster of EC2 instances and databases that are completely air-gapped and isolated from the public internet. Communication only occurs between the AWS resources in your deployment and AWS.

Like the MT – COMM version, the MT – IC allows customers to spread their workload across multiple servers for greater stability.

You will need to configure three EC2 instances:

  • an EC2 instance for the Web Console, where you will log in to and use the application
  • two EC2 instances, one for the Scheduler and one for the Workers, which are the background processes that collect and store your AWS data

In addition, you will need to configure:

  • an RDS database—a Microsoft SQL ® server database that stores your data
  • an S3 bucket—the private S3 bucket that houses encryption keys and other storage data
  • IAM role(s)—the AWS identities that allow you to access your S3 bucket and AWS account(s)
  • trusted certificates, which allow you to authenticate to the IC region

Click a link to access one of our MT – IC guides:


How did we do?