Architecture

Deployment's architecture is designed to be scalable, fault-tolerant, distributed, and multi-tenant. Our control plane runs on AWS; the data plane runs in your cloud account.

The architecture has two halves:

Control Plane

The control plane consists of the microservices, dashboards, and databases that run on deployment.io's AWS. Its responsibilities:

1. user management
2. creating, allocating, and scheduling jobs that the data plane executes
3. billing
4. the public API

Data Plane

The data plane is the runner — a client that runs in your cloud account and executes the workloads the control plane sends it. Its responsibilities:

1. Deployment jobs: checking out source code, building it, deploying it, creating previews, deleting cloud resources when deployments are removed.
2. Task agent runs: running AI coding agents in isolated containers that read from and write to your repositories, then open pull requests for review.

The runner needs only a private subnet and an outbound HTTPS connection to deployment.io. All traffic between control plane and data plane is encrypted over TLS. Your source code and cloud credentials never leave your cloud account — only job state, logs, and metadata flow back to deployment.io.

For the install steps, the resources the CloudFormation stack creates in your AWS account, cost details, and uninstall instructions, see AWS Setup.