Skip to content
Aether Platform

Enterprise Onboarding

1. Choose Deployment Model

Select the infrastructure model that fits your security and compliance posture:

  • Fully Managed (SaaS): Zero maintenance. We host the control plane and data plane.
  • Bring Your Own Cloud (BYOC): Data resides in your AWS/Google/Azure tenant. We manage the control plane.
  • On-Premise / Air-Gapped: Complete isolation. Deployed physically in your datacenter or private cloud.

2. Organization Setup

[!IMPORTANT] The onboarding process is initiated through a Regional Sales Representative. Please contact our sales team to have your tenant provisioned based on your selected model.

Verify Prerequisites

  • You have received your Tenant ID from Aether Sales.
  • You have Administrator access to your Identity Provider (Okta, Entra ID).
  • (For BYOC/On-Prem) You have prepared your VPC/Network details.

3. Configure SSO (Optional)

You can configure Single Sign-On (SAML/OIDC) now or set it up later. For production enterprise environments, we strongly recommend federated identity.

  1. Navigate to Organization Settings > Identity.
  2. Select “Add Identity Provider”.
  3. Upload your IdP Metadata XML or enter OIDC endpoints.
  4. SCIM Provisioning: Enable SCIM 2.0 to sync user groups (e.g., aether-developers).

Access Control: Users will automatically be assigned roles (Admin, Developer, Auditor) based on their IdP groups.

4. Endpoint Abstraction (If Needed)

Aether provides a unified Endpoint Abstraction layer, allowing you to connect via any standard secure protocol without complex routing changes.

Supported Methods:

  • Cloud Native: AWS Private Endpoint, VPC Lattice, GCP Private Service Connect, Azure Private Link.
  • Hybrid / On-Prem: Site-to-Site VPN (IPsec), AWS Direct Connect, Azure ExpressRoute.

Configuration

  1. Submit a Network Request Ticket to Aether Engineering with your specific requirements.
  2. Our team will provision the dedicated Endpoint Service or Gateway information.
  3. Accept the endpoint in your cloud console or configure your firewall tunnel.

5. Define Policy Guardrails

Enforce compliance before a single line of code is written.

  • Region Lock: Restrict workspace creation to specific regions (e.g., eu-central-1 only).
  • Data Prevention: Disable “Download to Local” features to prevent code exfiltration.
  • Golden Images: Force all “Java” projects to use the hardened corp-java-17-base image.

6. Invite Users

Once your organization is set up, invite your team members or send them the login URL:

https://console.aetherplatform.com/sso/{your-tenant-slug}