Two deployment shapes. Same product. Same price.
Sammati installs into your AWS account as a single-tenant Terraform deployment, or runs as our hosted SaaS in ap-south-1. The consent ledger, signing keys, and APIs are identical.
OPTION A
BYOC
Bring Your Own Cloud. We ship Terraform modules; you run Sammati inside your own AWS account. The data, the keys, and the audit trail never leave your VPC.
- Sammati control plane runs entirely inside your AWS account
- Data never leaves your VPC — consent artifacts, ledger, PII all local
- Terraform modules: VPC, RDS Postgres, ElastiCache Redis, ECS Fargate, S3, KMS
- Your IAM, your KMS keys, your CloudTrail, your VPC peering
- Single-tenant by construction — no shared database, no noisy neighbours
- You own scale: right-size RDS / Fargate to your traffic
- Sammati ships signed AMIs and container images via ECR pull-through
- Quarterly upgrade cadence; rollback via Terraform state
OPTION B
SaaS
Sammati-hosted in Mumbai with Hyderabad DR. Multi-tenant with strict RLS isolation. We operate the SLA so your team focuses on product, not consent infrastructure.
- Sammati-hosted on ap-south-1 (Mumbai primary) + ap-south-2 (Hyderabad DR)
- Multi-tenant with row-level security and tenant-scoped Redis keys
- Onboard in <24 hours — no infra, no Terraform, no AWS account needed
- Sammati operates the SLA: 99.9% uptime, <200ms p95 consent writes
- Automatic upgrades, patching, scaling — zero ops on your side
- Per-tenant KMS-managed encryption keys (CMK option on Tier 3)
- Daily encrypted backups, point-in-time recovery to 7 days
- BAA, DPA, and DPDP fiduciary-processor agreement in onboarding pack
BYOC vs SaaS, at a glance.
Same APIs. Same admin console. Same hash-chained ledger. The choice is about where the data lives and who operates it.
| Dimension | BYOC | SaaS |
|---|---|---|
| Data residency | Your VPC, your account | ap-south-1 + ap-south-2 (India) |
| Tenancy | Single-tenant (you are the only tenant) | Multi-tenant with RLS isolation |
| Onboarding time | 2 – 4 weeks (Terraform + UAT) | <24 hours |
| Operational ownership | You operate; we support | Sammati operates end-to-end |
| Upgrades | You apply via Terraform / ECR | Automatic, zero-downtime |
| KMS keys | Your CMK | Sammati-managed (CMK on Tier 3) |
| Network access | VPC peering / PrivateLink | Public TLS endpoint + IP allowlist |
| Compliance posture | Inherits your AWS audit boundary | SOC2-aligned, ISO 27001 (in flight) |
| Pricing | ₹15L / year flat | ₹15L / year flat |
| Best for | Banks, insurers, regulated DFs | D2C, SaaS, mid-market fiduciaries |
Who operates what.
Operational responsibility split. DPDP fiduciary obligations stay with you in both models — Sammati is your processor.
| Responsibility | BYOC | SaaS |
|---|---|---|
| Application code & releases | Sammati | Sammati |
| Infra provisioning (Terraform) | You (we ship modules) | Sammati |
| 24×7 incident response | You (we provide playbooks) | Sammati |
| OS / container patching | You | Sammati |
| Database backups & PITR | You (RDS automated) | Sammati |
| Key rotation | You (your KMS) | Sammati (90-day rotation) |
| Audit log retention | Your CloudTrail / S3 | Sammati (7-year retention) |
| DPDP fiduciary obligations | You (DF) | You (DF) — Sammati is processor |
SaaS runs on AWS India.
Mumbai primary, Hyderabad DR. No data leaves India. BYOC deploys into whichever AWS region you choose.
ap-south-1 (Mumbai)
PRIMARYRDS Postgres Multi-AZ, ElastiCache Redis, ECS Fargate, S3, KMS, CloudFront
ap-south-2 (Hyderabad)
DISASTER RECOVERYCross-region read replica, S3 replication, warm standby Fargate cluster
Same architecture in both shapes.
Whether BYOC or SaaS, the runtime topology is identical. Only the AWS account boundary changes.
Postgres + RLS
Tenant-scoped row-level security. Drizzle ORM, plain SQL migrations, append-only ledger tables.
Redis cache
ioredis with tenant-prefixed keys. Hot-path consent reads served in <50ms.
KMS-backed signing
ECDSA-P256 artifact signatures. Keys live in AWS KMS — your CMK in BYOC.
Hash-chained ledger
Every consent write computes hash_self = SHA256(canonical_json ‖ hash_prev). Tamper-evident.
Audit & RBAC
Every admin action logged with actor, IP, hash. Six-role RBAC out of the box.
Fastify + Zod
Typed schemas at every API boundary. <200ms p95 consent writes at 5M/month.
22 Indian languages
Notice translations stored versioned. Hosted portal localised in Devanagari, Tamil, Telugu, Bengali, more.
AWS Marketplace
Procure via your AWS bill. EDP-eligible. ₹15L flat per deployment, no metered surprises.
Not sure which fits?
We'll walk through your security posture, AWS footprint, and onboarding timeline in 30 minutes — and recommend BYOC or SaaS without sales theatre.