Skip to content

BYOC Copilot

The BYOC Copilot deployment model is designed for software providers whose customers require their product to run within their own cloud environment with intermittent connectivity for management operations. In this model, your customers' environments can remain disconnected from the control plane for normal operations and only connect for scheduled tasks like installations, upgrades, or patches.

This model is ideal when your customers want to maintain control over their infrastructure and data but still benefit from your managed services for complex operational tasks.

When to use BYOC Copilot

This deployment model is suitable when your customers:

  • Need the product to run in their own cloud account (AWS, GCP, or Azure).
  • Operate in environments with restricted or intermittent internet access.
  • Require a trust relationship to be temporary, established only for specific management tasks.
  • Want a streamlined, 1-click installation process that sets up all required infrastructure from scratch.

How it works

The BYOC Copilot model balances customer control with centralized management. The workflow is divided into distinct phases:

  1. Pre-Installation: Your customer grants your cloud account temporary access to their environment. You then use the Omnistrate Customer Portal to trigger the 1-click installation.
  2. Installation: The installer bootstraps the necessary infrastructure, pulls secure container images, validates the license, and provisions the product in your customer's account.
  3. Post-Installation: The customer can revoke the temporary trust relationship. The product operates independently without external dependencies.
  4. Upgrades and Maintenance: To perform an upgrade or apply a patch, you coordinate with the customer to temporarily re-establish the trust relationship during a maintenance window.
  5. Troubleshooting: If your customer ever needs operational assistance, they don’t need to share their desktop or credentials. Instead, they can temporarily re-establish a secure trust channel (‘break-glass’ access) that lets us provide support in a controlled, auditable way

To perform an upgrade or apply a patch, you coordinate with the customer to temporarily re-establish the trust relationship during a maintenance window.

Prerequisites

For the BYOC Copilot deployment, the following prerequisites apply:

  • Your customers use AWS, GCP, or Azure as their cloud provider.
  • Your customers need internet access to download container images from a secure registry.
  • The installation process sets up infrastructure from scratch in their cloud account or VPC.
  • Your customers must be willing to temporarily establish a trust relationship with your account for deployment and upgrades, which can be removed post-installation.

Note

If these prerequisites are not met, please review the On Prem use case or contact support@omnistrate.com to discuss your use case.

Key benefits

Centralized customer management

  • Manage all customer subscriptions and deployments from a single platform.
  • Gain visibility into active and inactive deployments.
  • Automate tenant provisioning to support enterprise-scale applications.

1-Click installer

  • Provide a self-serve deployment that simplifies infrastructure setup.
  • Support multi-cloud and hybrid environments.
  • Use a secure, automated deployment pipeline with minimal manual intervention.

Controlled version management

  • Maintain versioning support for different customer environments.
  • Deprecate outdated software versions securely.
  • Automate upgrades with rollback capabilities, notifications, and progress tracking.

Secure license validation

  • Prevent unauthorized usage and fraud with a secure license validator.
  • Enforce license compliance for both multi-tenant and on-prem subscriptions.
  • Enable audit trails for compliance and monitoring.