Security

How we protect your data and your AWS environment.

Read-Only AWS Access

uptime.cx connects to your AWS account through a dedicated IAM role with read-only permissions. The role is created via a CloudFormation stack that you deploy in your own account, giving you full visibility and control over exactly what is granted.

  • Zero write permissions — the IAM policy uses only Describe*, List*, and Get* actions. We cannot create, modify, or delete any resource in your account.
  • External ID protection — each workspace has a unique external ID embedded in the IAM trust policy, preventing confused-deputy attacks.
  • Instant revocation — you can revoke access at any time by deleting the CloudFormation stack from your AWS console.
  • No long-lived credentials — we use short-lived STS sessions (1 hour max) obtained via AssumeRole. No persistent credentials for your account are ever stored.
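
Because the role lives in your own account, you can check these properties yourself. The following is an added example, not uptime.cx code: it audits a role's trust policy, permission policy and maximum session duration against the claims above. The function name, the sample documents, the account ID and the external ID are assumptions made for illustration.

```python
READ_ONLY_VERBS = ("describe", "list", "get")
# Actions that pass the verb check but return stored data (constructed review list).
DATA_READS = {"s3:getobject", "secretsmanager:getsecretvalue", "ssm:getparameter"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_role(trust_policy, permission_policy, max_session_seconds):
    """Return findings; an empty list means the role matches the claims above."""
    findings = []
    for st in _as_list(trust_policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        # IAM condition keys are case-insensitive, so normalise before lookup.
        equals = {k.lower(): v for k, v in st.get("Condition", {}).get("StringEquals", {}).items()}
        if not equals.get("sts:externalid"):
            findings.append("trust: AssumeRole allowed without an sts:ExternalId condition")
        principal = st.get("Principal")
        if principal == "*" or (isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))):
            findings.append("trust: wildcard principal")
    for st in _as_list(permission_policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        if "NotAction" in st:
            findings.append("permissions: NotAction in an Allow statement")
        for action in _as_list(st.get("Action", [])):
            verb = action.partition(":")[2].lower()  # "" for a bare "*"
            if not verb.startswith(READ_ONLY_VERBS):
                findings.append(f"permissions: not read-only: {action}")
            elif action.lower() in DATA_READS:
                findings.append(f"permissions: reads stored data: {action}")
    if max_session_seconds > 3600:
        findings.append(f"session: MaxSessionDuration {max_session_seconds}s exceeds 1 hour")
    return findings

# Constructed sample documents (placeholder account ID and external ID).
GOOD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
    "Action": "sts:AssumeRole",
    "Condition": {"StringEquals": {"sts:ExternalId": "example-external-id"}}}]}
GOOD_PERMS = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["ec2:Describe*", "rds:List*", "s3:GetBucketLocation"],
    "Resource": "*"}]}
BAD_TRUST = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "sts:AssumeRole"}]}
BAD_PERMS = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": ["ec2:TerminateInstances", "s3:GetObject", "*"],
    "Resource": "*"}]}

if __name__ == "__main__":
    for line in audit_role(BAD_TRUST, BAD_PERMS, 43200) or ["no findings"]:
        print(line)
```

The inputs can be taken from the CloudFormation template before deployment, or from the deployed role: aws iam get-role returns both the trust policy (AssumeRolePolicyDocument) and MaxSessionDuration.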

Data Encryption

  • In transit — all connections use TLS 1.2 or higher. The uptime.cx web application enforces HTTPS.
  • At rest — the database is hosted on Neon (PostgreSQL) with encryption at rest enabled. AWS external IDs are additionally encrypted using AES-256-GCM with keys stored in AWS Secrets Manager.
  • Secrets management — all service credentials, API keys, and encryption keys are stored in AWS Secrets Manager with IAM policy-restricted access. No secrets are stored in code or environment variables in plain text in production.

Infrastructure

Component           Provider               Region
Web application     Vercel                 Global edge network
Database            Neon (PostgreSQL)      AWS us-east-1
Scanner compute     AWS ECS Fargate        AWS us-east-1
Scan queue          AWS SQS                AWS us-east-1
Container registry  AWS ECR                AWS us-east-1
Secrets             AWS Secrets Manager    AWS us-east-1

Authentication and Access Control

  • Identity provider — authentication is handled by Clerk with support for email/password and Google SSO.
  • Role-based access — each user with workspace access is assigned one of three roles (Owner, Admin, Member) with granular permission checks enforced server-side on every request.
  • Webhook verification — all incoming webhooks (Clerk, Stripe) are verified using cryptographic signatures (Svix / Stripe signing secrets) before processing.

AI Analysis and Data Handling

For AI-assisted reliability analysis, we send resource configuration summaries to Google Gemini. These summaries include resource types, region placements, relationships, and configuration attributes relevant to reliability (e.g., Multi-AZ settings, backup retention periods).

We do not send:

  • AWS credentials, access keys, or secret keys
  • Application data or database contents
  • Personally identifiable information
  • Security group rules with specific IP addresses

Google Gemini API calls are made with the data-use opt-out setting enabled where available. Prompts and responses are not used by Google for model training.

CI/CD and Code Security

  • GPG-signed commits — all commits to the main branch are cryptographically signed.
  • OIDC authentication — CI/CD pipelines authenticate to AWS using short-lived OIDC tokens via GitHub Actions. No long-lived AWS credentials exist in CI.
  • Infrastructure as Code — all cloud infrastructure is defined and managed via Pulumi, ensuring reproducibility and audit trails.

Subprocessors

Subprocessor               Purpose                                              Location
Amazon Web Services (AWS)  Scanner compute, queue, secrets, container registry  United States
Neon                       PostgreSQL database hosting                          United States
Vercel                     Web application hosting, edge compute                Global
Clerk                      Authentication, user management                      United States
Stripe                     Payment processing, billing                          United States
Google (Gemini AI)         AI-assisted reliability analysis                     United States

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly by emailing support@uptimecx.com with the subject line "Security Vulnerability Report." We will acknowledge your report within 48 hours and work with you to address the issue.
