Reference architectures

Deployment patterns your security team will recognize

fastpace runs locally and mediates the developer's call to whichever AI runtime your organization chose. These four reference deployments show data flows, config snippets, and the procurement-relevant attestations for the most common patterns.

AWS Bedrock + Claude

Stays in your AWS account. PrivateLink-eligible. BAA-eligible.

Tags: training-opt-out, PrivateLink, HIPAA BAA, us-east / us-west / eu / apac
Data flow
  1. Developer machine: CLI, skills, agents, hooks, local UI
  2. Pre-prompt hook: redacts secrets + sensitivity-tagged content
  3. AWS PrivateLink: optional — keeps prompt traffic on the AWS backbone
  4. Bedrock Claude Opus 4.7: returns model output
  5. Run-manifest signing: signs (model, endpoint, opt-out flag, hashes) into fastpace/manifests/
  6. Audit log + repo: hash-chained entries land in fastpace/audit.log
Config
# fastpace.config.yaml
runtimes:
  allowed:
    - bedrock-claude-opus-4.7
  bedrock:
    region: us-east-1
    profile: fastpace-bedrock
    require_training_opt_out: true
    require_privatelink: false   # set true if you've stood up the VPCE
hooks:
  prompt_redactor:
    enabled: true
  audit_logger:
    enabled: true
    hash_chain: true
Where data lives
Source code, audit log, manifests, ADRs — your repo. Prompts (post-redaction) — direct to Bedrock; nothing routed through a fastpace service.
Sovereignty
Pin region to your jurisdiction (us-east, us-west, eu-central-1, ap-northeast-1). PrivateLink keeps even the prompt-to-Bedrock leg on AWS backbone.
BAA / HIPAA
Bedrock supports BAA when training-opt-out is enforced. fastpace logs the opt-out flag in every run manifest as evidence.
Procurement evidence
fastpace snapshot --since YYYY-MM-DD packages run manifests + audit.log + ADRs. Hand it to the auditor as the change-management evidence pack.
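The run-manifest signing and hash-chained audit log in the data flow above, as an added illustration that is not fastpace's own code: each entry hashes the previous entry's hash together with the manifest (model, endpoint, opt-out flag, prompt/output hashes), and a signature covers that digest. HMAC-SHA256 stands in for the real signing key, and the manifest field names are assumptions.

```python
import hashlib
import hmac
import json
from typing import Dict, List

GENESIS = "0" * 64  # chain anchor for the first entry

def entry_digest(prev_hash: str, manifest: Dict) -> str:
    """SHA-256 over the previous entry's hash plus this manifest's canonical JSON."""
    canon = json.dumps(manifest, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(f"{prev_hash}\n{canon}".encode()).hexdigest()

def append_entry(log: List[Dict], manifest: Dict, key: bytes) -> Dict:
    """Chain a manifest onto the log and sign its digest.
    HMAC-SHA256 stands in for the real signing key (assumption); the signature
    covers the digest, and the digest covers prev hash + manifest."""
    prev = log[-1]["hash"] if log else GENESIS
    digest = entry_digest(prev, manifest)
    sig = hmac.new(key, digest.encode(), hashlib.sha256).hexdigest()
    entry = {"prev": prev, "manifest": manifest, "hash": digest, "sig": sig}
    log.append(entry)
    return entry

def verify_chain(log: List[Dict], key: bytes) -> int:
    """Index of the first entry that breaks the chain, or -1 if all verify.
    Catches an edited manifest (e.g. a flipped opt-out flag), an entry removed or
    reordered mid-chain, and a wrong signing key; tail truncation is not detectable."""
    prev = GENESIS
    for i, e in enumerate(log):
        expected_sig = hmac.new(key, e["hash"].encode(), hashlib.sha256).hexdigest()
        if (e["prev"] != prev
                or e["hash"] != entry_digest(prev, e["manifest"])
                or not hmac.compare_digest(expected_sig, e["sig"])):
            return i
        prev = e["hash"]
    return -1

def demo_manifest(prompt: bytes, output: bytes, opt_out: bool = True) -> Dict:
    """Constructed manifest in the shape the data flow above describes (field names assumed)."""
    return {
        "model": "bedrock-claude-opus-4.7",
        "endpoint": "bedrock-runtime.us-east-1.amazonaws.com",  # constructed sample value
        "training_opt_out": opt_out,
        "prompt_sha256": hashlib.sha256(prompt).hexdigest(),
        "output_sha256": hashlib.sha256(output).hexdigest(),
    }
```

An auditor re-running verify_chain over the snapshot gets the index of the first entry whose manifest, position or signature no longer matches, which is what makes the opt-out flag usable as evidence rather than a claim.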

Azure OpenAI + Codex / GPT

Stays in your Azure tenant. Private endpoint. Customer-managed keys.

Tags: training-opt-out, private endpoint, CMK, multi-region
Data flow
  1. Developer machine: CLI, skills, agents, hooks, local UI
  2. Pre-prompt hook: redacts secrets + sensitivity-tagged content
  3. Azure Private Endpoint: keeps the prompt leg on the Microsoft backbone
  4. Azure OpenAI deployment: GPT-4.1, GPT-5, or your chosen model — returns output
  5. Run-manifest signing: captures deployment name, region, opt-out flag, hashes
  6. Audit log + repo: hash-chained entries land in fastpace/audit.log
Config
# fastpace.config.yaml
runtimes:
  allowed:
    - azure-openai
  azure_openai:
    endpoint: https://contoso-openai.openai.azure.com
    deployment: gpt-5
    api_version: '2026-01-01'
    require_private_endpoint: true
    require_training_opt_out: true
    cmk_key_uri: https://contoso-kv.vault.azure.net/keys/openai-cmk/v1
hooks:
  prompt_redactor:
    enabled: true
Where data lives
Source code + audit signal in your repo. Prompts route through Azure Private Endpoint to your deployment; nothing crosses the public internet.
Customer-managed keys
Configure CMK on the Azure OpenAI resource; fastpace records the key URI in each run manifest so the rotation history is reviewable.
Tenant isolation
Each Azure OpenAI deployment is tenant-scoped. fastpace verifies the deployment name + region match the allowed runtime config; mismatches block the call.
Procurement evidence
Azure OpenAI ships data-handling commitments + training-opt-out as the default. fastpace logs that they were honored on every call.

GCP Vertex AI + Gemini

Stays in your GCP project. VPC Service Controls. CMEK.

Tags: training-opt-out, VPC-SC, CMEK, global / regional / multi-region
Data flow
  1. Developer machine: CLI, skills, agents, hooks, local UI
  2. Pre-prompt hook: redacts secrets + sensitivity-tagged content
  3. VPC Service Controls perimeter: optional — restricts Vertex AI access to org-defined identities + networks
  4. Vertex AI Gemini 1.5+: returns model output
  5. Run-manifest signing: captures project, location, opt-out flag, hashes
  6. Audit log + repo: hash-chained entries land in fastpace/audit.log
Config
# fastpace.config.yaml
runtimes:
  allowed:
    - vertex-gemini-1.5-pro
  vertex:
    project: contoso-prod
    location: us-central1
    require_vpc_sc: true
    require_training_opt_out: true
    cmek_key: projects/contoso-prod/locations/us-central1/keyRings/fp/cryptoKeys/vertex
hooks:
  prompt_redactor:
    enabled: true
Where data lives
Source code + audit signal in your repo. Prompts go to your Vertex project; VPC Service Controls keep them inside the perimeter.
CMEK
Configure customer-managed encryption keys on the Vertex resource; fastpace pins the key URI in each manifest.
Multi-region
For regulated workloads, pin location to your jurisdiction (us-central1, europe-west4, asia-northeast1). fastpace verifies the location matches and blocks calls that drift.
Procurement evidence
Vertex AI honors the no-customer-data-for-training default; fastpace records the opt-out flag in every run manifest for the auditor.
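The runtime-pinning check that the Azure "Tenant isolation" and Vertex "Multi-region" notes describe (deployment or location must match the allowed config, drift blocks the call), as an added example rather than fastpace's own code. It generalises the two notes: every scalar string in the provider block is treated as a pin, and every require_<x> flag demands that the runtime asserted <x>. The config dict mirrors the vertex YAML above; the call-descriptor shape is an assumption.

```python
from typing import Dict, List

# Constructed config mirroring the vertex snippet above (assumes fastpace parses
# its YAML into this nesting).
VERTEX_CONFIG = {
    "runtimes": {
        "allowed": ["vertex-gemini-1.5-pro"],
        "vertex": {
            "project": "contoso-prod",
            "location": "us-central1",
            "require_vpc_sc": True,
            "require_training_opt_out": True,
            "cmek_key": "projects/contoso-prod/locations/us-central1/keyRings/fp/cryptoKeys/vertex",
        },
    }
}

def check_call(config: Dict, call: Dict) -> List[str]:
    """Return the policy violations for a proposed model call; an empty list means allow.
    Every scalar string in the provider block is a pin the call must match exactly,
    and every require_<x> flag demands that the runtime asserted attribute <x>.
    The `call` descriptor (runtime, provider, reported attributes) is an assumed shape."""
    rt = config["runtimes"]
    problems: List[str] = []
    if call.get("runtime") not in rt["allowed"]:
        problems.append(f"runtime {call.get('runtime')!r} is not in runtimes.allowed")
    pinned = rt.get(call.get("provider"))
    if not isinstance(pinned, dict):
        problems.append(f"no pinned config for provider {call.get('provider')!r}")
        return problems  # fail closed: nothing to verify the call against
    for key, want in pinned.items():
        if key.startswith("require_"):
            attr = key[len("require_"):]
            if want and not call.get(attr, False):
                problems.append(f"{attr} is required but the runtime did not assert it")
        elif isinstance(want, str) and call.get(key) != want:
            problems.append(f"{key} drift: config pins {want!r}, call reports {call.get(key)!r}")
    return problems
```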

Air-gapped + on-prem model

PLANNED Q3 2026

No outbound network. Local model server. Offline install bundle.

Tags: planned Q3 2026, no outbound, on-prem model, tarball install
Data flow
  1. Developer machine: CLI, skills, agents, hooks, local UI — all from the offline tarball
  2. Pre-prompt hook: redacts secrets + sensitivity-tagged content
  3. Internal model gateway: on-prem LLM endpoint (vLLM, TGI, Ollama, etc.) — your network only
  4. Run-manifest signing: captures model name, internal endpoint, hashes
  5. Audit log + repo: hash-chained entries land in fastpace/audit.log
Config
# fastpace.config.yaml (air-gapped mode)
runtimes:
  allowed:
    - on-prem-llama-3.3
  on_prem:
    endpoint: https://llm.internal.contoso/v1
    model: llama-3.3-70b
    no_outbound: true   # fastpace refuses any non-allowed network call
hooks:
  prompt_redactor:
    enabled: true
  audit_logger:
    enabled: true
    hash_chain: true
Install path
fastpace install --offline --bundle fastpace-1.0.tgz ships in Q3 2026. Bundle includes CLI + skills + agents + hooks + offline docs.
Network posture
no_outbound: true tells fastpace to refuse any HTTP egress except to allowlisted on-prem endpoints. The restriction is verified by a hook.
Updates
Offline updates ship as tarballs — same signing keys as the install bundle so provenance is verifiable.
Use cases
Federal civilian / defense / regulated finance / healthcare with strict egress policies.

Need a custom deployment review?

If your environment doesn't match one of the four patterns above — air-gapped Kubernetes, sovereign-cloud Bedrock, hybrid runtime mix — we'll walk through your architecture and produce a written deployment recommendation under NDA.
