Kubernetes Policy Management

Centrally Manage all the Policies for your Kubernetes Infrastructure

Centralize governance, including configuration of OPA (Open Policy Agent) policies through Blueprints, to ensure that clusters are always in compliance with company policies, fleet-wide.

Manage Policies Across Your Kubernetes Fleet

With Rafay, built-in workflows automate, test, audit and reuse OPA policies at scale. Unify policy definition and enforcement across entire fleets, including data centers, public clouds and remote/edge locations.

Easy-to-use workflows for creating and managing security policies for the entire fleet of clusters, reducing significant operational complexity

Granular policy enforcement over the entire organization based on one or more projects or clusters

Leverage pre-existing policies covering best-practice enterprise compliance and security requirements

View all policy metrics, violations and audits in a central dashboard by clusters, environments and teams

Create and manage security policies, rules and templates

A typical enterprise has a hierarchical structure, and policy management is most effective when it fits well into the organization hierarchy. Rafay’s modeling of OPA integrates into the RBAC offerings and facilitates creation of governance policies at the organization level, with enough flexibility to override them at different levels if the customer chooses. Detailed audit logs are captured for both admission requests and audit runs, making it easier for customers to orchestrate new OPA policies.

Policy violations dashboard showing audit runs for cluster opa-demo-cluster over the last week, listing reported time, resource name, namespace, kind, constraint name, template, enforcement action, and messages about container policy issues.

Organize and apply policies at organization, project and cluster levels for enforcement

Rafay supports multiple modes of policy enforcement to suit each enterprise's security requirements, spanning from the highest level of central control to the most flexible local control. These policies are associated with Cluster Blueprints to manage enforcement centrally across a fleet of clusters. Each policy is versioned, and high-level controls are offered to enforce, report and audit at multiple levels, such as organization, team, cluster, and namespace.

Rafay dashboard showing Kubernetes clusters with details including cluster name, type, CPU and memory usage, nodes, workloads, status indicators, and action buttons like Download Kubeconfig and New Cluster.

Clone and change pre-canned policies to create custom policies

Rafay incorporates several useful pre-canned OPA constraints, templates and policies that can be easily customized. The pre-canned entities are based on open-source examples and best practices from customer scenarios. Customers can clone these and make changes to create more powerful rules to suit their requirements.

Rafay OPA Gatekeeper dashboard showing policy violations for two clusters with details on policy name, total violations, and last audit run date and time.

View all policy metrics, violations and audits in a central dashboard by clusters, environments and teams

Rafay presents policy violations in a user-friendly manner, with access controlled by role-based access controls (RBAC). Audits reach our controller in near real time and can be used for multiple governance and monitoring activities. Rafay also enables customizable retention of audit logs to suit governance requirements.

Rafay interface displaying OPA Gatekeeper Constraint Templates with columns for name, type, format, creation date, and edit/delete icons.

"The big draw was that you could centralize the lifecycle management & operations."

Beth Cohen, Cloud Technology Strategist, Verizon Business, Verizon

"Rafay’s thought leadership and white glove support has been fantastic."

Kumud Kalia, CIO, Guardant Health

"Rafay’s unified view for Kubernetes Operations & deep DevOps expertise has allowed us to significantly increase development velocity."

Alec Rooney, CTO, Minim

"Rafay stood out from the crowd with their deep integration with Amazon EKS."

Jayant Thakre, VP Products, SonicWall

Want Free Access?

See for yourself how to add automation, security, visibility, and governance to your Kubernetes Operations by trying the Rafay Kubernetes Operations Platform!