Overview of the M8TRX deployer infrastructure. Each subsection below comes from the original architecture review.
- Overview — Multi-tenant AWS platform that deploys hardened, fully isolated customer environments running AI agents. Two customer te
- Network — Each customer is fully isolated at the AWS network layer. There are no VPC peering connections, no shared subnets, and n
- Compute — Two customer templates ship today. Both run on the same hardened Ubuntu 22.04 base AMI (Packer-baked) with identical OS
- IAM & Access — Each customer instance assumes a unique IAM role with a permission boundary that hard-caps maximum privileges.
- Brain & Tailscale — A control plane that connects every M8trx Agent customer instance to a central Brain service over a Tailscale tailnet. T
- Data Protection — All data encrypted at rest with per-customer KMS keys and in transit with TLS.
- Agent Sandbox — AI agents handle sensitive customer data — email, financial documents, chats, business records. They run inside a Docker
- Mgmt Access — Two distinct access paths for the operator team: (1) reaching the operations dashboard over Tailscale, and (2) reaching
- Monitoring — Multi-layered monitoring with automated alerting across all customer environments.
- Incident Response — One-command quarantine triggered from the dashboard UI or CLI.
- Security Controls — Every threat has at least 3 independent control layers. If one fails, the others still protect.
- User Access — Each customer instance supports multiple users with role-based access, per-user data isolation, granular permissions, an
- File Structure —
- Deploy Guide — Complete step-by-step instructions for initial platform setup and deploying new customer instances. Follow these in orde
- Token Usage — Per-customer Claude API token consumption analytics with cost estimation and configurable alert thresholds. Tracks input
The original 15-tab single-page architecture review with full SVG diagrams is preserved at /architecture/. Wiki copies above are editable; the static one is not.