# What is an Engagement instance?
An “Instance” refers to a virtual instance within our cloud provider's environment (Google Cloud Platform), varying in resource reservation/dedication, performance, and security features. Engagement offers **3 types of instances** for you to choose from, see [Instances](🔗) for more details:
On [multi tenant](🔗) Engagement instances, your CSM will create a dedicated account for you on an existing multi tenant instance, set up all configurations, and grant you access to it. The location of the data centers will depend on your legal entity’s region and/or your wishes regarding where to keep your data located (we currently offer data centers in the US, UK, EU, and Russia).
[Single tenant](🔗) and [exclusive](🔗) instances offer most or all of the resources dedicated, hence need to be built for you from scratch. Your CSM will need to gather all required specification details (in collaboration with you) and request the instance from our Engineering team.
# Building a new single tenant or exclusive instance - what to expect?
New instances are being created by our Engineering team and hence, your CSM first needs to request an engineering time slot reservation among the slots available. Once the time slot is internally approved and allocated, **expect the CSM to confirm the delivery date of your instance to you**.
The location of the data centers will depend on your legal entity’s region and/or your wishes regarding where to keep your data located - please, **express your request to your CSM** (we currently offer data centers in the US, UK, EU, and Russia).
## Instance subdomains
As a next step, **expect the CSM to discuss with you the subdomains of the instance**. Each Engagement instance has a set of APP, API, and CDN subdomains. You can agree either on exponea.com subdomains (e.g. example.exponea.com) or on your own subdomains.
Subdomains required prior to instance creation
Note that the instance cannot be built without any domains attached to it. You will need to provide the APP, API, and CDN subdomains prior to the instance creation. The subdomains cannot be already in use by other services.
In case you’d like to use your own subdomains, you willl need to add CNAME DNS records (your CSM will provide the exact DNS record format) prior to our Engineering team starting to build the instance.
### What are the subdomains used for?
**APP subdomain**: The actual Engagement online portal, which will be accessed by your employees and the Engagement project team. E.g. example.exponea.com.
**API subdomain**: The API subdomain will be used to track data on your web or via your backend. This will be the subdomain specifying the endpoints for all the API calls/requests. E.g. api-example.exponea.com.
**CDN subdomain**: This subdomain is used for serving content within your upcoming Engagement campaigns (in email links, survey links, consent page links, etc.) and tracking email opens and clicks. E.g. cdn-example.exponea.com.
Single tenant and exclusive instances are allowed to have up to 10 subdomains for each subdomain type, e.g. if you have multiple brands or operate in multiple regions, you can have 10 different API subdomains used on the instance, one for each brand or region (for instance api-example.com, api-example.co.uk, etc.).
**In case you purchased the option to provide your custom SSL certificates, expect to collaborate with our Engineering team on their installation**, the process is outlined below. For those who did not purchase the custom SSL option, expect Engagement to provision the SSL certificates (we are utilizing the [Google-managed SSL certificates](🔗)).
### Providing custom SSL certificates
In case you purchased the custom SSL certificates option, the following steps are needed:
**(1) CSR (Certificate Signing Request) generated** Usually, the Engagement Engineering team generates the CSR, however, we will need you to provide the CSR details and provide them to your CSM. Once Engagement validates the information provided and generates the CSR, Engagement sends over the CSR.
**(2) Purchase the SSL certificate based on the CSR from your Certificate Authority ** You will then need to send over the certificate (e.g. via email) once obtained
**(3) Install the SSL certificate** Engagement validates the certificate and confirms once installed
## What else is needed
CSMs also need to provide further details of the contract (e.g. contracted usage allowances and [security features](🔗)) and submit all required details prior to the reserved time slot to our Engineering team.
Once all required details are provided, expect the Engagement engineers to build and test the instance within the given time frame. Afterward, **once the instance is delivered to the Engagement project team, expect your CSM to set up the account(s) and project(s) and invite you there**. You can now start using your single tenant or exclusive Engagement instance.
In case you purchased security features like [SSO](🔗), [VPN](🔗), [IP whitelisting](🔗), [Audit log](🔗), [Vulnerability scans](🔗), a more intense collaboration is needed (typically with your IT or Security team over the course of weeks or months). Expect to start working on implementing the security features once the single tenant/exclusive instance has been delivered to you.