# Self-hosted Felt

With the self-hosted configuration, Felt runs as a single-tenant instance inside your AWS environment. Your maps, geospatial data, and user activity never leave your infrastructure, so Felt has no access to your data at rest or in transit within your network. Felt manages software updates and ongoing maintenance for your instance. You get the same Felt experience as the cloud product, with full control over where your data lives.

This deployment option allows organizations with strict security, compliance, or data privacy requirements to run Felt within their own infrastructure. Choosing Self-hosted Felt has the following benefits:

* **Your data stays in your environment** - All map data, uploads, and processing occur within your AWS account
* **Network isolation** - Felt operates in a private, isolated network that you control
* **Regional flexibility** - Deploy in the AWS region that meets your data residency requirements
* **Compliance ready** - Meet strict security and compliance requirements (CMMC, FedRAMP, etc.)

To get started with self-hosted Felt, reach out to our sales team to discuss your requirements: <https://felt.com/sales>.

{% hint style="success" %}
This feature is only available to customers on the [Enterprise plan](https://felt.com/pricing). To upgrade, [contact Sales](https://felt.com/sales).
{% endhint %}

## Key benefits

#### Data sovereignty

Your geographic data never leaves your AWS account. All processing, storage, and computation happens within your controlled environment. Choose the AWS region where your Self-hosted Felt instance operates to comply with data residency requirements or optimize performance for your users.

#### Network security

* Deploy within your existing VPC or let Felt create a dedicated one
* Control network ingress and egress with your security policies
* Integrate with your existing security infrastructure (firewalls, monitoring, etc.)

#### Compliance

Self-hosted Felt helps organizations meet requirements for:

* Government contracts requiring data isolation
* Industry regulations with strict data handling requirements
* Internal security policies mandating on-premises or private cloud deployment

#### GovCloud Ready

GovCloud deployments are supported with a dedicated setup process. Contact your Felt account team for details.

## How it works

#### Architecture Overview

A Self-hosted Felt instance includes:

1. **Application Layer** - The Felt web application running in AWS ECS
2. **Data Pipeline** - Processing infrastructure for handling map data uploads and transformations
3. **Database** - Managed PostgreSQL database for application data
4. **Storage** - S3 buckets for map assets and uploaded files
5. **AI Services** - Integration with AWS Bedrock for AI-powered features

#### Connectivity

Because you control the VPC it runs on, a Self-hosted Felt deployment can be configured with:

* **Public access** - Users access Felt through a custom domain with TLS encryption
* **Private access** - Restrict access to users within your corporate network via VPN or Direct Connect
* **Hybrid** - Combine public and private access based on your needs

#### Deployment Options

**Option 1: Felt-managed VPC**

Felt creates and configures a dedicated VPC in your AWS account with all necessary networking components:

* Public and private subnets across multiple availability zones
* NAT Gateways for secure outbound connectivity
* Private endpoints for AWS services (S3, Bedrock, CloudWatch, etc.)

**Option 2: Bring your own VPC**

Deploy Felt into an existing VPC that your organization manages. This option requires:

* At least 2 availability zones
* Public subnets for load balancers
* Private subnets for application workloads

## Requirements

#### AWS account requirements

* An AWS account with administrator-level permissions for initial deployment
* Sufficient service quotas for ECS, Lambda, S3, and RDS
* AWS Bedrock access for AI features (Claude models)

#### For bring your own VPC

If using an existing VPC, you'll need to provide:

* Your VPC ID and CIDR range
* At least 2 Availability Zones
* At least 2 public subnet IDs
* At least 2 private subnet IDs

#### Domain and certificates

* A domain name for your Felt instance (e.g., `maps.yourcompany.com`) managed by Route53
* An AWS ACM certificate for TLS encryption

## Frequently asked questions

<details>

<summary>How do I get started?</summary>

This feature is only available to customers on the Enterprise plan. Reach out to our [sales team](https://felt.com/sales) to discuss your requirements.

</details>

<details>

<summary>With self-hosted, does Felt have access to my data?</summary>

No. Your maps, files, and geospatial data stay in your AWS account. Felt receives only aggregate usage metrics (user counts, storage totals, map view counts) during the daily license renewal. No map content or user data is transmitted.

</details>

<details>

<summary>Can I run self-hosted Felt in AWS GovCloud?</summary>

Yes. GovCloud deployments are supported with a dedicated setup process. Contact [Felt sales](https://felt.com/sales) for details.

</details>

<details>

<summary>How is self-hosted Felt different from the cloud product?</summary>

You get the same Felt features. The difference is where it runs: self-hosted Felt deploys in your AWS account, giving you control over data location, network policies, and access. Felt manages software updates and maintenance for your instance.

</details>

<details>

<summary>How does licensing work with Self-hosted Felt?</summary>

Your Self-hosted Felt instance communicates with Felt's licensing API to validate your subscription. This is the only outbound connection to Felt's infrastructure.

</details>

<details>

<summary>Can I restrict which users can access my Self-hosted Felt instance?</summary>

Yes. You control network access through your VPC's security groups and can integrate with your identity provider for authentication.

</details>

<details>

<summary>What AWS regions are supported?</summary>

Self-hosted Felt deployment supports most commercial AWS regions. Contact us for GovCloud availability.

</details>

<details>

<summary>How are updates handled?</summary>

Felt provides updated CloudFormation templates and Docker images. You control when updates are applied to your environment.

</details>

<details>

<summary>What about backups?</summary>

Database backups are handled through AWS RDS automated backups. You control retention policies and can configure cross-region replication if needed.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.felt.com/administration/self-hosted-felt.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.