Easy way to host simple Phoenix app if you have sensitive data compliance requirements to deal with?

Hey all,

I’m currently hosting a Phoenix app on Heroku, but I’m interested in switching to something more Elixir-friendly (and more compliance-friendly). I have simple deployment needs, just a Phoenix monolith with Postgres. Having a few minutes downtime for deploys is not an issue for me.

What is an easy way to deploy Elixir on a platform that has SOC2 type 2 or ISO27001 audits, and which provides granular access controls?

Unfortunately Gigalixir does not have this currently. I want to avoid Kubernetes. I am afraid a simple option may not exist.

Thanks!

1 Like

Both Digital Ocean and Linode seem to have the certifications you need.

Maybe @mrkurt can tell us if fly.io is compliant :slight_smile:

1 Like

Setting up a Phoenix app on DO is pretty straight forward blog post. Depending on your needs you can create a DB locally or use their PG as a service offering.

Wow, Fly.io looks incredibly cool. I had not encountered that before.

2 Likes

I haven’t tried it yet, but I just discovered Aptible, a simple way to deploy Docker containers in a compliance-friendly environment: https://www.aptible.com/

2 Likes

i’m looking into this now so a little non-comprehensive update.

  • Gigalixir doesn’t seem to have any complience data that i can see, but it does only use Google Cloud.
  • fly.io is both HIPAA and SOC2 complient.
  • Scalingo has a few servers in the EU with ISO and HDS.
3 Likes