TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 03:24:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

docs: additional terms for dedicated instance (#2047)

Browse Source 
* init

* adds maintenance

* incidents, minors

* sidebar

* naming tos

* annex

* intro

* updates support services

* update sla

* correct error

* tos

* custom support hours

* revision tos

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* purchase order

* fix guarantees link

Co-authored-by: Florian Forster <florian@caos.ch>
This commit is contained in:
mffap 2021-07-21 09:09:36 +02:00 committed by GitHub
parent 21001862ae
commit 17fb40b55d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 183 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

77
docs/docs/legal/dedicated-instance-annex.md Normal file
View File

@ -0,0 +1,77 @@
---
title: Annex to the Dedicated Instance Terms
custom_edit_url: null
---
## Introduction
This annex to the [Dedicated Instance Terms](terms-of-service-dedicated) describes the dedicated instance services and guarantees under different configurations.
Last revised: July 20, 2021
## Overview
### Service differences
The following table compares the different services, based on the preferred provider (Google Cloud). If you choose a different provider than our preferred provider the [Gurantees](#guarantees) stated in this document apply.
Service Levels
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Monitoring | 24x7 | 24x7 | 24x7
[Availability Objective](service-level-description#availability-objective) | 99.95% | 99.5% | 99.9%
Performance | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply) | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply) | up to [rate limits](rate-limit-policy#what-rate-limits-do-apply)
[Support hours](support-services#description-of-services) | Business | Business | Extended
[Response time (Sev 1)](support-services#slo---initial-response-time) | 1h | 2h | 1h
[Technical account manager](support-services#technical-account-manager) | n/a | n/a | 2h / week
High-availability configuration
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Multi-zone HA | yes | yes | yes
Geographic HA | yes | option | option
Multi-provider HA | yes | option | option
Upgrade and backup schedule
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Update flexibility | no | no | yes
Backup flexibility | no | yes | yes
Security
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
DDOS Protection | yes | option | option
Strict TLS | yes | yes | yes
Web Application Firewall | yes | option | option
DNS Protection | yes | no, bespoke | no, bespoke
DNSSEC | yes | no, bespoke | no, bespoke
Features
Service / Feature / Guarantee | ZITADEL Cloud FORTRESS | ZITADEL Dedicated Standard | ZITADEL Dedicated Advanced
--- | --- | --- | ---
Audit log retention | 13 months | unlimited | unlimited
Tenancy | shared | dedicated | dedicated
Data region | CH | custom | custom
Data processing | CH | custom | custom
## Guarantees
### Infrastructure Provider
CAOS offers the following guarantees for a given infrastructure provider and customer satisfies the [prerequisites](https://docs.zitadel.ch/docs/guides/installation/managed-dedicated-instance).
Guarantees | Google Cloud | Static / Other | Self-hosted
---|---|---|---
Maintained by CAOS | yes | yes, product only | no
24x7 monitoring | yes | yes, product only | yes, product only
Availability SLO | [up to 99.9%](service-level-description#availability-objective) | none | none
Performance SLO | up to [rate limits](https://docs.zitadel.ch/docs/legal/rate-limit-policy#what-rate-limits-do-apply) | none | none
### Backup
ZITADEL Cloud creates hourly backups. We do not guarantee recovery time objective. Recovery point objective is in the context of our [event-sourcing pattern](/docs/concepts/eventstore) not meaningful.

12
docs/docs/legal/service-level-description.md
View File

@ -64,6 +64,8 @@ FREE | Not applicable
OUTPOST | 99.50%
STARBASE | 99.90%
FORTRESS | 99.95%
DEDICATED STANDARD | 99.50%
DEDICATED ADVANCED | 99.90%
2. If CAOS Ltd. does not meet the guaranteed service level, Customer might be eligible to receive Financial Credit as described in this document. Financial Credit shall be the sole and exclusive remedy for breach of this SLA.
3. The Customer must request Financial Credit and must notify CAOS Support in writing within 30 days of becoming eligible for Financial Credit and must prove Failed Customer Requests during Downtime Periods. Financial Credit will be made in the form of a monetary credit applied to the next possible subscription invoice of ZITADEL Cloud, may only be used to book services in the future, and will in no case be paid as a cash equivalent. No further guarantees are provided.
@ -75,9 +77,11 @@ FORTRESS | 99.95%
Subscription plan | Quality of Service Level | Request Priority
--- | --- | ---
FREE | high | When ZITADEL Cloud receives concurrent requests, it will try to process these requests first, and with higher priority over other requests
OUTPOST | medium | Give way to requests with priority high
STARBASE | low | Give way to requests with priority high or medium
FORTRESS | best effort | No priority for requests
FORTRESS | high | When ZITADEL Cloud receives concurrent requests, it will try to process these requests first, and with higher priority over other requests
STARBASE | medium | Give way to requests with priority high
OUTPOST | low | Give way to requests with priority high or medium
FREE | best effort | No priority for requests
DEDICATED STANDARD | n/a | Dedicated instance, single tenancy
DEDICATED ADVANCED | n/a | Dedicated instance, single tenancy
2. The Service Level commitments apply only to organizations with a subscription plan where a Service Level is applicable and does not include any other organizations of the same customer. Customers are not entitled to Financial Credit or further reimbursement.

62
docs/docs/legal/support-services.md
View File

@ -5,38 +5,48 @@ custom_edit_url: null
## Introduction
This annex of the [Framework Agreement](terms-of-service) describes the support services offered by us for our Services (ZITADEL Cloud).
This annex of the [Framework Agreement](terms-of-service) describes the support services offered by us for our Services.
Support Services for products and services provided by CAOS is offered to customers according to the terms and conditions outlined in this document. The customer may purchase support services from CAOS Ltd. directly.
Last revised: July 20, 2021
## Support Services
**Business hours** means 08:00-17:00 Monday - Friday Switzerland time (or as per agreement with the customer). All times exclude public holidays in Switzerland / Canton St. Gallen.
**Extended hours** means 07:00-19:00 Monday - Friday Switzerland time (or as per agreement with the customer). All times exclude public holidays in Switzerland / Canton St. Gallen.
**Ticket** means a discrete technical or non-technical issue that was submitted by the customer and exists in the support portal. A ticket includes a record of all communication associated with the issue.
### Description of Services
Customers in ZITADEL Cloud FREE plan or using the Open Source Version of ZITADEL are excluded from the support plans. For ZITADEL Enterprise and ZITADEL Enterprise Cloud please refer to the relevant documents. Support features for ZITADEL Cloud Subscription plans are as follows:
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS
--- | --- | --- | --- | ---
Support hours | not applicable | Mo-Fr, <br/> business hours | Mo-Fr, <br/> business hours | Mo-Fr, <br/> business hours
Response Time <br/> (Severity 1) | n/a | Best effort | 4 business hours | 1 business hour
eMail Support | n/a | yes | yes | yes
Chat Support | n/a | no | yes | yes
Phone Support | n/a | no | yes | yes
Technical Account Manager | n/a | n/a | n/a | n/a
Customers in ZITADEL Cloud FREE plan or using the Open Source Version of ZITADEL are excluded from the support plans. Support features for Subscription plans are as follows:
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS | DEDICATED STANDARD | DEDICATED ADVANCED
--- | --- | --- | --- | --- | --- | ---
Support hours | not applicable | Business hours | Business hours | Business hours | Business hours | Extended hours
Response Time <br/> (Severity 1) | n/a | Best effort | 4 business hours | 1 business hour | 2 business hours | 1 business hour
eMail Support | n/a | yes | yes | yes | yes | yes
Chat Support | n/a | no | yes | yes | yes | yes
Phone Support | n/a | no | yes | yes | yes | yes
Technical Account Manager | n/a | n/a | n/a | n/a | n/a | 2h / week
CAOS and Customer may mutually agree on different support hours in writing.
### SLO - Initial response time
CAOS service level objective (SLO) for Support Services is defined in terms of initial response time to a support request, as outlined in the table below per plan. CAOS will use reasonable efforts to resolve support requests, but does not guarantee a work-around, resolution or resolution time.
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS
--- | --- | --- | --- | ---
Severity 1| not applicable | not applicable | 4 business hours | 1 business hours
Severity 2| not applicable | not applicable | 12 business hours | 2 business hours
Severity 3| not applicable | not applicable | 24 business hours | 12 business hours
Severity 4| not applicable | not applicable | 48 business hours | 24 business hours
Subscription Plans | FREE | OUTPOST | STARBASE | FORTRESS | DEDICATED STANDARD | DEDICATED ADVANCED
--- | --- | --- | --- | --- | --- | ---
Severity 1| not applicable | not applicable | 4 business hours | 1 business hours | 2 business hours | 1 business hours
Severity 2| not applicable | not applicable | 12 business hours | 2 business hours | 12 business hours | 2 business hours
Severity 3| not applicable | not applicable | 24 business hours | 12 business hours | 24 business hours | 12 business hours
Severity 4| not applicable | not applicable | 48 business hours | 24 business hours | 48 business hours | 24 business hours
### Communication
- Support is available in Swiss-German, German, and English
- Default contact: Whenever customers require support, Customers should consult the documentation of ZITADEL or post a question to our community.
- When Customer is eligible for support services through a Subscription Plan, Customer may contact CAOS support via the following channels
@ -47,22 +57,25 @@ eMail Support | support@zitadel.ch
Chat Support | Private chat channel between CAOS and Customer that is opened when Subscription becomes active
Phone Support | +41 43 215 27 34
- ZITADEL Cloud system status, incidents and maintenance windows will be communicated via https://status.zitadel.ch
- Questions regarding pricing, billing, and invoicing of our services should be addressed to billing@caos.ch.
- ZITADEL Cloud system status, incidents and maintenance windows will be communicated via [our statuspage](https://status.zitadel.ch).
- Questions regarding pricing, billing, and invoicing of our services should be addressed to billing@caos.ch.
- Security related questions and incidents can also be directly addressed to security@caos.ch.
### Technical account manager
CAOS will enhance its support offering by providing eligible clients with a Technical Account Manager (TAM), who will perform the following tasks for up to the specified amount of time per week during the term of service:
CAOS will enhance its support offering by providing eligible clients with a Technical Account Manager (TAM), who will perform the following tasks for up to the specified amount of time per week during the term of service:
- Provide support and advice regarding best practices on platform, product and configuration covered by the applicable Support Services;
- Participate in review calls every other week at mutually agreed times addressing customers operational issues.
*We currently offer TAM services only in the Enterprise plans. If you require consulting for your projects, please request a quote via hi@zitadel.ch*
We offer TAM services only bundled with specific subscription plans, and the option to add more TAM hours to these plans. If you require consulting for your projects, please request a quote via our [website](https://zitadel.ch/contact).
## Support
### Support request
CAOS agrees to handle support incidents in the following scenarios:
1. ZITADEL Cloud software or configuration as provided by CAOS contains errors or critical security-related issues
2. ZITADEL Cloud requires upgrades or changes through the customer
3. ZITADEL Cloud have incorrect or missing documentation
@ -79,16 +92,17 @@ Excluded are broader consulting & customer-specific engineering requests regardi
### Support service process
The customer may submit support requests (“ticket”) through any means of eligible communication channels, consisting of
- Single discrete problem, issue, or request
- Initial severity level and impact statement for assessment
- Description of the issue and if possible a description of the observed and expected behavior, steps to reproduce the issue, evidence that issue is not caused by connectivity / compute, relevant anonymized log-files etc.
- All information requested by CAOS as we resolve the ticket (e.g. system logs)
CAOS will review the case information and determine the severity level (see below), working with the customer to assess the urgency of the request and use reasonable efforts to respond to support requests within the initial response time
CAOS will review the case information and determine the severity level (see below), working with the customer to assess the urgency of the request and use reasonable efforts to respond to support requests within the initial response time.
CAOS will use reasonable efforts to resolve support request as defined below, but does not guarantee a workaround, resolution or resolution time
Severity Level | Description
Severity Level | Description
--- | ---
**Severity 1**<br/> Critical / Service down| <p>Widespread failure or complete unavailability of CAOS Core Services. </p><p> CAOS will use continuous effort to provide a workaround or permanent solution. When Core Services are available, the severity will be lowered to the new appropriate level.</p>
**Severity 2**<br/> Core functionality unavailable or severely degraded| <p>Core Services of CAOS software continue to operate in severely restricted fashion, yet long-term productivity may be impacted.</p><p> When Core Services are no longer severely degraded (eg, through a viable workaround or release), the severity level will be lowered to Severity 3.</p>
@ -98,9 +112,11 @@ Severity Level | Description
### Escalation
The customer may escalate support requests following the escalation process:
The customer may escalate support requests following the escalation process:
1. For non-urgent needs, the client may request management escalation within the ticket. A manager will review the request and provide a response within one business day.
2. For urgent needs, the client may escalate directly by calling +41 43 456 84 69 and emailing to hi@caos.ch
### Termination
If the customer decides to terminate, or downgrade the subscription, the customer may continue to use the software products, but the support level will be adjusted according to the new ZITADEL Cloud Subscription Plan. CAOS does not provide support on per-issue-basis.

41
docs/docs/legal/terms-of-service-dedicated.md Normal file
View File

@ -0,0 +1,41 @@
---
title: Dedicated Instance Terms
custom_edit_url: null
---
## General
Last revised: July 20, 2021
### Background
Within the scope of the Framework Agreement, the Customer may choose to purchase a subscription that requires a dedicated instance of ZITADEL. These additional terms for dedicated instance ("**Dedicated Instance Terms**") apply in addition to the Framework Agreement.
### Service
CAOS operates and manages a **Dedicated Instance** of ZITADEL in a private infrastructure environment dedicated for the Customer and provides support services for the Customer according the Purchase Order, these terms, agreed [**Service Level Description**](service-level-description), and [**Support Service Descriptions**](support-services).
Each Dedicated Instance consists, except agreed otherwise in writing, of a multi-zonal high-availability configuration that guarantees loads up to the specified [rate limits](rate-limit-policy#what-rate-limits-do-apply).
### Operations
CAOS will install and manage the Dedicated Instance on infracstructure provided by preferred cloud providers. Costs for infrastructure or cloud providers are not included in the Subscription, if not agreed otherwise in writing.
You may choose to provide the required infrastructure yourself. You must comply with the [requirements and prerequisites](https://docs.zitadel.ch/docs/guides/installation/managed-dedicated-instance) as documented.
Please refer to the [annex](dedicated-instance-annex) with regards to limitations of the deployment options, especially when using an own infrastructure provider. By accepting these terms you also accept the terms in the annex.
You may not modify, maintain or attempt to modify the Dedicated Instance, except with prior instructions by CAOS.
CAOS will use the same backup strategy as for ZITADEL Cloud (public cloud) services, except otherwise agreed between you and CAOS in writing.
### Maintenance and Updates
We will access, modify, and maintain the Dedicated Instance at times solely determined by CAOS (**"Regular Maintenance"**).
Under certain subscription plans, the Customer may agree a custom frequency and times for changes and updates. CAOS will coordinate the cadence and the changes with the Customer. To guarantee the quality of service, maintenance will occur on regular basis, typically monthly or sooner for security or performance related patches (**"Emergency Maintenance"**), but no longer than on quarterly basis.
If you fail to permit CAOS to conduct Regular Maintenance for 3 consecutive months or Emergency Maintenance within 5 days of notification, then CAOS will raise this issue with the Customer via Escalation Process. In case the issue is not resolved 5 days after such an escalation, CAOS may terminate the subscription with 30 days prior written notice to Customer. CAOS is not obligated to provide the service according to the terms and SLA, nor is CAOS liable to any security breach or damages after failure to permit Regular Maintenance for 3 consecutive months, or Emergency Maintenance for 5 days after notification.
### Incidents
Incidents are handled as documented in the [**Support Service Descriptions**](support-services). If the Customer choose in Purchase Order to provide the required infrastructure, then any incidents related to the infrastructure of the Dedicated Instance have to be resolved through the Customer directly.

11
docs/docs/legal/terms-of-service.md
View File

@ -8,7 +8,7 @@ custom_edit_url: null
CAOS Ltd. (**"We"**, **CAOS AG**, or simply **CAOS**), with head office in Teufener Strasse 19, 9000 St. Gallen, Switzerland, offers "Identity and Access Management as service" with the brand name "ZITADEL Cloud Services" and all of our Websites (**Services** or **ZITADEL Cloud**).
The customer relationship (**Framework Agreement** or **The Agreement**) is created by the **Customer** (**"you"**) by creating a user or organisation within the ZITADEL Cloud Service. On the basis of this Framework Agreement you may then choose to make use of payable services (**Subscription**) as you wish, i.e. you may book services, options and packages yourself at any time (**Booking**) and subsequently terminate them.
The customer relationship (**Framework Agreement** or **The Agreement**) is created by the **Customer** (**"you"**) by creating a user or organisation within the ZITADEL Cloud Service. On the basis of this Framework Agreement you may then choose to make use of payable services (**Subscription**) as you wish, i.e. you may book services, options and packages yourself at any time (**Booking**, **Purchase Order**) and subsequently terminate them.
The terms of service (**"TOS"**) outlined in this document establish the most important points of this Framework Agreement independently of the use of any services.
@ -24,6 +24,11 @@ The following policies complement the TOS. When accepting the TOS, you accept th
* [**Acceptable Use Policy**](acceptable-use-policy) - What we understand as acceptable and fair use of our Services
* [**Rate Limit Policy**](rate-limit-policy) - How we avoid overloads of our services
This Agreement is extended with additional terms, in case your Subscription requires a Dedicated Instance. When you enter the Agreement with us, you accept these additional agreements.
* [**Dedicated Instance Terms**](terms-of-service-dedicated) - How we provide our services for a dedicated instance
* [**Annex to the Dedicated Instance Terms**](dedicated-instance-annex) - Describe differences of services and guarantees with different providers
### Alterations
Any provisions which deviate from these TOS must be agreed in writing between the Customer and us. Such agreements shall take precedence over the TOS outlined in this document.
@ -190,7 +195,9 @@ Should any provision of these TOS be or become invalid, this shall not affect th
### Entry into force
These TOS shall enter into force as of 16.06.2021
These TOS shall enter into force as of 16.06.2021.
Last revised: July 20, 2021
### Amendments

9
docs/sidebars.js
View File

@ -159,6 +159,15 @@ module.exports = {
'legal/support-services',
],
},
{
type: 'category',
label: 'Dedicated Instance',
collapsed: false,
items: [
'legal/terms-of-service-dedicated',
'legal/dedicated-instance-annex',
],
},
{
type: 'category',
label: 'Policies',