Veto/docs

AWS EKS BYOC install

Install Veto BYOC on AWS EKS without Plaw account access.

helm install veto-operator oci://ghcr.io/plawio/charts/veto-operator --namespace veto-operator-system --create-namespace --set vetoCluster.create=true --set vetoCluster.storage.driver=sqlite --set networkPolicy.kubeApiCIDR=<your-eks-api-cidr>

Use EKS private networking, your own IAM roles, and your own image-pull controls. Plaw never assumes a role in your AWS account and does not need cross-account IAM trust.

For Postgres-backed installs, create your database and Kubernetes Secret yourself, then set vetoCluster.storage.driver=postgres and vetoCluster.storage.dsnSecretRef. For the P0 sqlite profile, no Convex or Postgres is required.

Outbound customer-initiated endpoints are ghcr.io for images, license.veto.so for the six-field counters-only license heartbeat, and optionally telemetry.veto.so when telemetry is enabled.

Kubernetes BYOC install

Install Veto in a customer-owned Kubernetes cluster.

GCP GKE BYOC install

Install Veto BYOC on Google Kubernetes Engine.

On this page

No Headings
Edit this pageFeedback