Specifications — Overview

Databases & Infrastructure

Every customer's data lives in a dedicated, isolated environment — separate database, separate storage, separate encryption key. PanOps is built on AWS with hard tenant boundaries from day one.


Architecture Philosophy

PanOps stores communication data that is, by definition, sensitive. The infrastructure design reflects that. Rather than pooling customers into shared tables protected only by application-layer access controls, PanOps provisions a dedicated AWS account per customer — entirely separate from every other tenant. Isolation is structural, not aspirational.

This means a misconfigured query, a bug in the access control layer, or a compromised service credential cannot expose one customer's data to another.

Infrastructure Architecture

Each customer receives a dedicated AWS sub-account under the PanOps AWS Organization, provisioned automatically via Terraform and AWS Account Factory for Terraform (AFT) in under 30 minutes. Within that account: a dedicated Aurora Serverless v2 instance, a dedicated S3 bucket, a customer-managed KMS key, and a CloudTrail log that only the customer controls.

PanOps's shared compute VPC peers to each customer VPC to run connector workers and inference — but customer VPCs have no internet gateway. Data cannot leave the customer account except through the controlled peering connection to PanOps compute.

Account Architecture

  • PanOps Management Account — Control Tower, billing, org-level policies
  • PanOps Shared Compute Account — connector workers, LLM inference, NAT Gateway
  • Customer Account — Aurora, S3, KMS key, CloudTrail, VPC peered to Shared Compute
  • No internet gateway in customer VPCs — data never traverses the public internet within AWS
  • Provisioning time under 30 minutes via Terraform + AFT automation

Infrastructure at a Glance

  • Database: Aurora Serverless v2. Dedicated per-customer instance. PostgreSQL-compatible, auto-scales with demand. pgvector extension enables semantic search for AI retrieval.
  • Object Storage: Amazon S3. Dedicated bucket per customer in the customer's own AWS account. AES-256 encryption via customer-managed KMS key.
  • Encryption: Customer-Managed KMS Key. KMS key lives in the customer's own AWS account. PanOps can encrypt/decrypt to run the service but cannot delete or disable the key. Kill switch is entirely in the customer's hands.
  • Audit: Customer-Controlled CloudTrail. All KMS usage and data access is logged in a CloudTrail inside the customer's AWS account — not PanOps's. Customer can verify PanOps access at any time.
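
A check a customer could run against the key policy described under Encryption, as an added example (not PanOps code): it reports whether any Allow statement gives the provider's account an action that would take the kill switch away. The account IDs, role name and sample policies are constructed, and treating kms:PutKeyPolicy as a kill-switch action is an assumption.

```python
import fnmatch

# Actions that would take the kill switch away from the customer. PutKeyPolicy is
# included as an assumption: a principal holding it could rewrite the policy itself.
KILL_SWITCH_ACTIONS = ("kms:DisableKey", "kms:ScheduleKeyDeletion",
                       "kms:DeleteImportedKeyMaterial", "kms:PutKeyPolicy")

def _as_list(value):
    return [] if value is None else value if isinstance(value, list) else [value]

def _covers_account(principal, account_id):
    """True if a statement's Principal names the account, or everyone ('*')."""
    if principal == "*":
        return True
    arns = _as_list(principal.get("AWS")) if isinstance(principal, dict) else []
    return any(a in ("*", account_id) or a.split(":")[4:5] == [account_id] for a in arns)

def _matches(action, patterns):  # IAM actions: case-insensitive, * and ? wildcards
    return any(fnmatch.fnmatchcase(action.lower(), p.lower()) for p in patterns)

def provider_kill_switch_actions(policy, provider_account_id):
    """Kill-switch actions that Allow statements give to the provider account.
    Conservative: Condition and Deny are ignored, so a finding means 'review this'."""
    found = set()
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        if not _covers_account(stmt.get("Principal", {}), provider_account_id):
            continue
        for action in KILL_SWITCH_ACTIONS:
            if "NotAction" in stmt:
                granted = not _matches(action, _as_list(stmt["NotAction"]))
            else:
                granted = _matches(action, _as_list(stmt.get("Action")))
            if granted:
                found.add(action)
    return sorted(found)

# Constructed sample policies; account IDs and the role name are placeholders.
CUSTOMER_ADMIN = {"Effect": "Allow", "Action": "kms:*", "Resource": "*",
                  "Principal": {"AWS": "arn:aws:iam::111111111111:root"}}
PROVIDER = {"AWS": "arn:aws:iam::222222222222:role/example-service-role"}
USE_ONLY = {"Statement": [CUSTOMER_ADMIN, {"Effect": "Allow", "Principal": PROVIDER,
    "Action": ["kms:Encrypt", "kms:Decrypt", "kms:GenerateDataKey*", "kms:DescribeKey"],
    "Resource": "*"}]}
TOO_BROAD = {"Statement": [CUSTOMER_ADMIN, {"Effect": "Allow", "Principal": PROVIDER,
    "Action": ["kms:Decrypt", "kms:Disable*", "kms:Schedule*"], "Resource": "*"}]}
```

Calling provider_kill_switch_actions(USE_ONLY, "222222222222") returns an empty list, while TOO_BROAD is flagged because its wildcards expand to kms:DisableKey and kms:ScheduleKeyDeletion.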
