IOanyT SecureAI
CIS-hardened, GPU-accelerated generative-AI stack that boots and self-configures — zero manual setup.
Delivery method
AWS AMI
Operating system
Ubuntu 22.04 LTS
Architecture
x86_64
GPU
NVIDIA T4 — driver 535 / CUDA 12.2 (validated on g4dn)
Released
July 14, 2026
What it is
IOanyT SecureAI is a CIS Benchmark Level 1-hardened, GPU-accelerated Ubuntu 22.04 LTS image with a complete, production-ready generative-AI stack that boots and self-configures with no manual setup. It combines enterprise security hardening with a turnkey LLM inference + RAG environment, so you go from launch to a secured, working AI API in minutes rather than days.
The full stack auto-starts on boot via systemd. On first launch each instance generates its own unique API keys and TLS certificate — there are no shared or hardcoded credentials baked into the image.
Who it's for
Teams that need a private, secured LLM endpoint without assembling and hardening the stack themselves.
Regulated / security-conscious environments that require CIS-benchmarked baselines and audit evidence out of the box.
Builders of RAG applications who want an inference API and a vector database pre-wired behind TLS.
Teams that want OpenAI-compatible inference on their own AWS account — data stays inside your VPC.
Why it's different
Secure by default
CIS Level 1 (421 controls), key-only SSH, auditd enabled, no hardcoded credentials, and per-instance secrets.
Turnkey, not a toolkit
vLLM, Qdrant, and Caddy are pre-integrated and auto-start. No wiring, no reverse-proxy config, no cert wrangling.
OpenAI-compatible
Point any existing OpenAI client at your instance's /v1 endpoint and it just works.
Evidence included
Ships with CIS conformance evidence and an SBOM for your compliance and supply-chain reviews.
Security & compliance
CIS Benchmark Level 1 hardening applied to Ubuntu 22.04 LTS (421 controls).
Key-only SSH — password authentication disabled.
auditd enabled for system audit logging.
No hardcoded credentials — VLLM_API_KEY and QDRANT_API_KEY generated uniquely per instance on first boot.
TLS everywhere — all application traffic terminates at Caddy on port 443 with an auto-generated certificate.
Ships with CIS conformance evidence and a Software Bill of Materials (SBOM).
You remain responsible for your AWS account security (IAM, security groups, network exposure, patching cadence after launch) under the AWS shared-responsibility model.
What's included
| Software | Version |
|---|---|
| Ubuntu (CIS Benchmark Level 1 hardened — 421 controls) | 22.04 LTS |
| NVIDIA GPU driver | 535 |
| CUDA | 12.2 |
| vLLM (OpenAI-compatible inference API) | — |
| Qwen2.5-3B-Instruct (default model) | — |
| Qdrant (RAG vector database) | — |
| Caddy (reverse proxy, automatic TLS) | — |
| Docker Compose (stack orchestration) | — |
| auditd (audit logging) | — |
Recommended instances
Ports
- 443/tcp — HTTPS — LLM API, Qdrant, all app traffic (Caddy reverse proxy, TLS)
- 22/tcp — SSH — key-only administrative access
Pricing
Pay-as-you-go
Hourly (pay-as-you-go)
Software billed hourly via AWS Marketplace, on top of standard EC2/GPU instance costs.
Frequently asked questions
How is IOanyT SecureAI delivered on AWS Marketplace?
IOanyT SecureAI is delivered as an Amazon Machine Image (AMI). You launch it as an EC2 instance directly from the AWS Marketplace listing.
How much does IOanyT SecureAI cost?
Pay-as-you-go — Software billed hourly via AWS Marketplace, on top of standard EC2/GPU instance costs. Software charges are billed through AWS Marketplace; you also pay standard AWS infrastructure costs.
How do I access IOanyT SecureAI after deploying?
Connect over SSH as "ubuntu" using your EC2 key pair. See the deployment guide for full steps.
What operating system does IOanyT SecureAI run on?
Ubuntu 22.04 LTS (version 1.0.0).
What support is available for IOanyT SecureAI?
Business-hours email support. Email support@ioanyt.com for help.
Ready to deploy?
Launch it in your own AWS account, or talk to our team about a custom hardened image for your stack.
Request early accessRuns entirely inside your AWS account