Deploying Sombra On-Premise


Sombra can be run as a Docker image, and configuration is set via environment variables. There are hundreds of ways to deploy a productionized Docker image in the world, and this guide is just a starting point. If you have questions about how to deploy Sombra using a specific cloud or platform, please reach out using our support channels.

Accessing the Image

Sombra is not a publicly available Docker image, so you will need to use some form of authentication to pull the image.

AWS Users

If you're using AWS, we can set it up so that you can pull our image from ECR using AWS IAM permissions, which is our recommended way for the strongest security. To do so, put<version_tag> as your image name, replacing <version_tag> with the version you want to deploy, or prod for the latest version.

If you want to use IAM permissions in this way, please send us your AWS IAM Account IDs that will pull sombra images in advance so that we can allowlist them.

Non-AWS Deployments

If you are deploying to any other Cloud, or to an on-premise hosting service, you can make use of our private docker registry with basic authentication. To authenticate, you must first login to our private registry:

docker login

Here is where you will enter the basic auth credentials. The username will always be "Transcend" (casing does matter), and the password will be any API Key for your organization within the admin-dashboard.

Then, you may pull images by running:

docker pull<version_tag>

replacing <version_tag> with the version you want to deploy, or prod for the latest version.

If you plan to use this method, please reach out so that we may internally mark your organization as having access to our registry.

Pre-built Terraform Module

One optional way to deploy Sombra is by making use of our open source terraform module:

This module will deploy Sombra to your AWS account as an ECS Fargate service.