Kubernetes Policy Management Service

Centrally Manage all the Policies for your Kubernetes Infrastructure

Centralize control and administration of what end-users can do on clusters and ensure that clusters are always in compliance with company policies — fleet-wide.

Manage Policies Across Your Kubernetes Fleet

With Rafay, enterprises automate, test, audit and reused policies. It unifies policy definition and enforcement across entire fleets including in data centers, public clouds and in remote/edge locations

Easy to use workflows for creating and managing security policies for the entire fleet of clusters reducing significant operational complexity

Granular policy enforcement over the entire organization of one or more projects or clusters

Leverage pre-existing policies covering best-practice enterprise compliance and security requirements

View all policy metrics, violations and audits in a central dashboard by clusters, environments and teams

Create and manage security policies, rules and templates

In a typical enterprise there will be a hierarchical structure and policy management is most effective when it gels well into the organization hierarchy. Rafay’s modeling of the OPA integrates into the RBAC offerings and facilitates creation of governance policies at organization level with enough flexibility to override at different levels, if the customer chooses so. These policies are then associated with Cluster Blueprints to manage the enforcement across a fleet of clusters. Each of these policies are versioned and high level controls are offered to enforce, report and audit at multiple levels like organization, team, cluster etc.

Organize and apply policies at organization, project and cluster levels for enforcement

Supports multiple modes of policy enforcement to suit different security requirements suitable for each enterprise spanning from the highest level of central control to the most flexible local control. For example, policies can be organization-wide, where the security administrator of an organization can create policies relevant at the root level and is given controls on how they should be enforced on teams within the organization. Or a single policy can be configured at the organization level and be centrally enforced for the entire organization.

Clone and change pre-canned policies to create custom policies

Rafay incorporates several useful pre-canned constraints, templates and policies that can be easily customized. The pre-canned entities are based on open source examples and best practices from customer scenarios. Customers can clone these and make changes to create more powerful rules to suit their requirements.

Download the White Paper

Simplifying Amazon EKS Deployments & Operations

Learn how to accelerate Kubernetes & streamline Amazon EKS ops

View all policy metrics, violations and audits in a central dashboard by clusters, environments and teams

Rafay provides audit support as well as a higher level abstraction to provide audit capturing at policy level across a fleet of clusters. Rafay streams the audits in near-real-time to our controller and can be used for multiple governance and monitoring activities. Also, Rafay can have a customizable retention of audit logs to suit governance requirements.

"Easily operate and rapidly deploy applications anywhere across multi-cloud and edge environments."

Aamir Hussain

SVP Chief Product Officer, Verizon Business

"Rafay stood out from the crowd with their deep integration with Amazon EKS."

Jayant Thakre

VP Products

"The big draw was that you could centralize the lifecycle management & operations."

Beth Cohen

Cloud Technology Strategist, Verizon Business

"Rafay’s unified view for Kubernetes Operations & deep DevOps expertise has allowed us to significantly increase development velocity."

Alec Rooney


Read a Case Study

Rafay Accelerates SonicWall’s Adoption of K8s & Amazon EKS

Learn how SonicWall streamlined Amazon EKS