How Nuon works in your environment.
A complete walkthrough of the control plane, runner architecture, and install lifecycle.
Control Plane
The Nuon control plane
Self-hosted or managed. API-driven. The control plane manages applications, installs, releases, and the runner fleet across all your cloud accounts.
API
REST and gRPC APIs for all control plane operations.
Runner API
Dedicated API for runner communication. Egress-only from runner side.
App Registry
Manages application definitions, components (Helm, Terraform, Docker), and configurations.
Install Manager
Tracks install lifecycle, provisions runners, coordinates deployments.
Release Pipeline
Version management, release channels, rollout orchestration.
Audit Service
Centralized logging of all actions across all installs and runners.
Install Lifecycle
From provisioning to day-two operations
Each install follows a defined lifecycle managed by the control plane and executed by the runner.
Create Install
Define the target cloud account, region, and configuration inputs. The control plane validates and prepares the install.
Provision Runner
An isolated EC2 instance is provisioned inside the target VPC. Egress-only. Scoped IAM role for provisioning.
Deploy Application
Runner executes Helm, Terraform, and Docker components. Infrastructure and application are deployed together.
Ongoing Operations
Drift detection, health checks, update delivery, audit logging. The runner switches to the Maintenance IAM role.
Integration
Works alongside what you already have
Nuon connects to your existing infrastructure rather than replacing it. Bring your Terraform harness, your identity providers, your network topology.
Terraform Harness
Nuon manages vendor and open source apps. Your existing Terraform harness manages internal apps. Both coexist — Nuon handles what your harness wasn't built for.
Identity Federation
Connect Okta, Auth0, Azure AD, or any SAML/OIDC provider. Nuon respects your existing identity boundaries and RBAC policies.
Network Topology
VPC peering, private endpoints, transit gateways. Nuon installs connect to your network — not the other way around.
Multi-Cloud
Deploy anywhere your accounts live
AWS
Full support. EKS, EC2, RDS, and all standard services.
Azure
AKS and Azure-native services. Full runner support.
GCP
GKE and GCP services. Runner provisioning and lifecycle management.
On-Prem
Self-hosted control plane for air-gapped environments. Full feature parity.