Creating a PCI Compliant Cadence Cluster
Overview
The PCI compliance standards relate to the security of user data and transactional information. Customers who require their application to be PCI compliant or would like to take advantage of its additional security features, can choose to create a PCI compliant Cadence Cluster. You can read more about PCI and our support for it here.
Enable PCI Compliant account security settings
Before Creating an PCI cluster, we need to enable PCI compliance on the account. Navigate to Account Settings under the Settings Cog in the top right of Console. Then select the Security tab.
Select the checkbox under PCI Compliance to make your account PCI compliant. This allows you to access the requirements for using PCI with a cluster.
Note that PCI compliance relies on multi-user access, so we require having 2 account owners in case of loss of access for one person. This satisfies the first section of the PCI requirements.
Creating a cluster
You can continue with the Console Interface to provision a PCI compliant cluster. Alternatively, you can use the Instaclustr Provisioning API.
As Cadence depends on Cassandra, and optionally Kafka and OpenSearch if Cadence Advanced Visibility is enabled, you need to create the Bundled Use Only and PCI Compliant Cassandra/Kafka/OpenSearch clusters first.
To make the dependency clusters Bundled Use Only, be sure to enable the Bundled Use Only Cluster checkbox on the corresponding Setup pages. Refer to Bundled Use Only Cluster Deployments for more information about Bundled Use Only clusters.
Refer to Creating a PCI Compliant Cassandra Cluster and Creating a PCI Compliant Apache Kafka Cluster for how to create PCI Compliant Cassandra and Kafka clusters. Please remember to enable the Use private IPs broadcast for auto-discovery option for Cassandra.
Creating a PCI Compliant OpenSearch cluster is similar and mainly involves selecting the PCI Compliance mode in the Console.
After the Bundled Use Only and PCI Compliant dependency clusters have been created, you can start creating a PCI Compliant Cadence cluster.
Navigate to the Create Cluster wizard and create a cluster according to your requirements. Be sure to enable the PCI Compliance Mode checkbox under Enterprise features. You can refer to our support article on Creating a Cadence Cluster for more information.
Currently, PCI compliance mode is only available for Cadence in Private Network, and Amazon Web Services and Google Cloud Platform as the infrastructure provider.