Regions
What are Regions?
Section titled “What are Regions?”A region in Vidos represents a fundamental organizational unit that combines geographical location with complete operational independence. Think of a region as a self-contained environment with its own set of services, management capabilities, and data boundaries.
Each region operates as an independent entity within the Vidos system, maintaining strict isolation from other regions while sharing a common identity management framework. This isolation ensures that regions can maintain their own operational integrity, data sovereignty, and compliance requirements.
Key Characteristics
Section titled “Key Characteristics”Independence
Section titled “Independence”- Each region operates independently of other regions
- Regions maintain separate infrastructure and resources
- Service failures in one region do not affect other regions
- No automatic data transfer or replication between regions
Data Sovereignty
Section titled “Data Sovereignty”- Data remains within the geographical boundaries of its designated region
- Helps organizations comply with data residency requirements
- Enables adherence to local regulatory frameworks
- Cross-region data transfer only occurs through explicit customer actions
Fault Tolerance
Section titled “Fault Tolerance”- Regions are designed to be fault-tolerant
- Each region contains multiple availability zones
- Services within a region can maintain operations even if some components fail
- Independent infrastructure ensures regional isolation of issues
Global Services
Section titled “Global Services”While most Vidos services are region-specific, some services operate globally:
Identity and Access Management (IAM)
Section titled “Identity and Access Management (IAM)”- IAM is a global service that spans all regions
- Credentials and permissions are valid across all regions
- Policy management is centralized
- User identities are consistent throughout the system
Working with Regions
Section titled “Working with Regions”Data Processing
Section titled “Data Processing”- All data processing occurs within the region where data is stored
- Cross-region processing requires explicit configuration
- Services maintain data locality unless otherwise specified
Service Management
Section titled “Service Management”Each region has its own instances of core services:
- Authorizer
- Resolver
- Verifier
- Validator
Management Control Planes
Section titled “Management Control Planes”- Each service’s management control plane exists in the same region as the service itself
- Management operations are performed locally within each region
- No cross-region management dependencies
- Configuration and control remain within regional boundaries
- Ensures management operations comply with regional data sovereignty requirements
Each region where a service is present contains its own management control plane for that service. This ensures that service management operations are performed within the same region as the service itself.
Region Boundaries and Relationships
Section titled “Region Boundaries and Relationships”Regional Scope
Section titled “Regional Scope”- Regions define the geographical and logical boundaries for:
- Service deployment and execution
- Data storage and processing
- Management control planes
- Regulatory compliance domains
Cross-Region Interaction Model
Section titled “Cross-Region Interaction Model”- Regions maintain strict boundaries
- Cross-region communication follows explicit pathways
- Data sovereignty principles govern inter-region interactions
- Service management remains within regional boundaries
Conceptual Relationships
Section titled “Conceptual Relationships”Core Service Components
Section titled “Core Service Components”- Service Management: Regional control planes managing local service instances
- Data Sovereignty: Regional boundaries enforcing data location and processing rules
- Identity and Access Management: Global service providing consistent authentication across regions
- Service Architecture: Regional deployment and execution model for Vidos services
Understanding these relationships helps form a complete picture of how regions function as independent but interconnected units within the Vidos system.