> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wandb.ai/llms.txt
> Use this file to discover all available pages before exploring further.

> Learn about W&B Dedicated Cloud deployment features including compliance, data security, IAM, and maintenance policies.

# Dedicated Cloud

W\&B Dedicated Cloud is a fully managed platform with dedicated, isolated infrastructure, deployed in W\&B's AWS, Google Cloud, or Azure cloud accounts. Each Dedicated Cloud instance has its own isolated network, compute and storage from other W\&B Dedicated Cloud instances. Your W\&B specific metadata and data is stored in an isolated cloud storage and is processed using isolated cloud compute services.

W\&B Dedicated Cloud is available in [multiple global regions for each cloud provider](./dedicated-cloud/regions)

## Rate limits

W\&B applies default rate limits on Dedicated Cloud to maintain instance stability. See [Rate limits](/platform/hosting/hosting-options/dedicated-cloud/rate-limits) for default values, how limits are enforced, and how to request higher limits when you scale up training.

## Compliance

* **SOC 2**: W\&B Dedicated Cloud's hosting platform meets the requirements of the [Service and Organization Controls (SOC) 2 Type 2](https://www.aicpa-cima.com/topic/audit-assurance/audit-and-assurance-greater-than-soc-2), published by the [Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA)](https://www.aicpa-cima.com/home). A SOC 2 report evaluates a service organization's controls for security, availability, processing integrity, confidentiality, and privacy. W\&B Dedicated Cloud is subject to periodic internal and external audits to verify continued compliance. Refer to the [W\&B Security Portal](https://security.wandb.ai/) to request the SOC 2 report and other security and compliance documents.
* **HIPAA**: When configured appropriately, W\&B Dedicated Cloud meets the requirements of the [Health Insurance Portability and Accountability Act of 1996 (HIPAA)](https://www.hhs.gov/hipaa/for-professionals/index.html). Compliance with HIPAA is a shared responsibility that involves W\&B, the customer, and any third-party services involved in the deployment. Organizations subject to HIPAA must have a **Business Associate Agreement** on file with W\&B. Refer to the [W\&B Security Portal](https://security.wandb.ai/) to request more information.

## Data security

You can bring your own bucket (BYOB) using the [secure storage connector](/platform/hosting/data-security/secure-storage-connector) at the [instance and team levels](/platform/hosting/data-security/secure-storage-connector#configuration-options) to store your files such as models, datasets, and more.

Similar to W\&B Multi-tenant Cloud, you can configure a single bucket for multiple teams or you can use separate buckets for different teams. If you do not configure secure storage connector for a team, that data is stored in the instance level bucket.

<Frame>
  <img src="https://mintcdn.com/wb-21fd5541/7mSicW8MfO9qZmb2/images/hosting/dedicated_cloud_arch.png?fit=max&auto=format&n=7mSicW8MfO9qZmb2&q=85&s=a4b2fcef88b3a015d7ab79910cb47d6b" alt="Dedicated Cloud architecture diagram" width="823" height="675" data-path="images/hosting/dedicated_cloud_arch.png" />
</Frame>

In addition to BYOB with secure storage connector, you can use [IP allowlisting](/platform/hosting/data-security/ip-allowlisting) to restrict access to your Dedicated Cloud instance from only trusted network locations.

You can connect privately to your Dedicated Cloud instance using [cloud provider's secure connectivity solution](/platform/hosting/data-security/private-connectivity).

You are responsible for ensuring that your deployment complies with your organization's policies and [Security Technical Implementation Guidelines (STIG)](https://en.wikipedia.org/wiki/Security_Technical_Implementation_Guide), if applicable.

## Identity and access management (IAM)

Use the identity and access management capabilities for secure authentication and effective authorization in your W\&B Organization. The following features are available for IAM in Dedicated Cloud instances:

* Authenticate with [SSO using OpenID Connect (OIDC)](/platform/hosting/iam/sso) or with [LDAP](/platform/hosting/iam/ldap).
* [Configure appropriate user roles](/platform/hosting/iam/access-management/manage-organization#assign-or-update-a-users-role) at the scope of the organization and within a team.
* Define the scope of a W\&B project to limit who can view, edit, and submit W\&B runs to it with [restricted projects](/platform/hosting/iam/access-management/restricted-projects).
* Leverage JSON Web Tokens with [identity federation](/platform/hosting/iam/identity_federation) to access W\&B APIs.

## Monitor

Use [Audit logs](/platform/hosting/monitoring-usage/audit-logging) to track user activity within your teams and to conform to your enterprise governance requirements. Also, you can view organization usage in our Dedicated Cloud instance with [W\&B Organization Dashboard](/platform/hosting/monitoring-usage/org_dashboard).

## Maintenance

Similar to W\&B Multi-tenant Cloud, you do not incur the overhead and costs of provisioning and maintaining the W\&B platform with Dedicated Cloud.

To understand how W\&B manages updates on Dedicated Cloud, refer to the [server release process](/platform/hosting/server-upgrade-process).

## Compliance

Security controls for W\&B Dedicated Cloud are periodically audited internally and externally. Refer to the [W\&B Security Portal](https://security.wandb.ai/) to request the security and compliance documents for your product assessment exercise.

## Data retention policy

By default, a Dedicated Cloud instance retains the following items for 7 days after deletion:

* Runs and history
* Non-artifact run files, such as media, configuration files, and log files
* Artifacts and artifact references

Until this period elapses, these items can be restored. Contact [support](mailto:support@wandb.ai) or your AISE for assistance.

To meet your data retention requirements, you can change the data retention period for your Dedicated Cloud instance. Depending on your use case, select the **Environment variable** or **Helm** tab for details.

<Tabs>
  <Tab title="Environment variable">
    To change the data retention policy, set the environment variable `GORILLA_DATA_RETENTION_PERIOD` to a number of hours. For example, to retain deleted data for 14 days (336 hours):

    ```bash theme={null}
    export GORILLA_DATA_RETENTION_PERIOD="336h"
    ```
  </Tab>

  <Tab title="Helm">
    To change the data retention policy, set the Helm value `env.dataRetentionPeriod` to a number of hours. For example, to retain deleted data for 14 days (336 hours):

    ```helm theme={null}
    env: dataRetentionPeriod: "336h"
    ```
  </Tab>
</Tabs>

## Migration options

Migration to Dedicated Cloud from a [Self-Managed instance](/platform/hosting/hosting-options/self-managed) or [Multi-tenant Cloud](/platform/hosting/hosting-options/multi_tenant_cloud) is supported, subject to specific limits and migration-related constraints

## Next steps

Submit [this form](https://wandb.ai/site/for-enterprise/dedicated-saas-trial) if you are interested in using Dedicated Cloud.