Cloud Services Platform Config ManagementBeta

Automate policy and security at scale for your hybrid Kubernetes deployments.

CSP Config Management

Enabling rapid and secure application development can be challenging for administrators working across a hybrid container environment. With CSP Config Management, you can create a common configuration for all administrative policies that apply to your Kubernetes clusters both on-premises and in the cloud. CSP Config Management evaluates changes and rolls them out to all clusters so that your desired state is always reflected.

Policies

Define and enforce policies across hybrid Kubernetes deployments

A central Git repository manages access-control policies like RBAC, resource quotas, and namespaces both on-premises and in the cloud. CSP Config Management is declarative; it continuously checks cluster state and applies the desired state to enforce policies.

Security

Put security guardrails in place

Administrators need to create a consistent environment that offers security by default for developers. With CSP Config Management, you can enable new teams to get up and running quickly, knowing that the desired cluster configurations have been applied.

Maintain Control

Maintain control over cluster sprawl

As Kubernetes deployments grow, teams find the need to add more clusters for use cases like high availability, global coverage, or edge computing. Yet with each new cluster added comes new overhead in managing a separate set of configurations. CSP Config Management delivers a single, centralized place for multi-cluster management.

Features

Define configs

Take advantage of a Git repository to create a common configuration that reflects your administrative policies and can be applied to every Kubernetes cluster in your fleet. Configuration can include your Istio service mesh, pod security policies, or quota policies.

Enforce configs

Roll out configs to clusters all over the globe, ensuring that your desired state is quickly reflected.

Validation

Prevent pushing bad configurations with a built-in validator that reviews every line of code before it gets to your repository.

Common configuration formats

Easily migrate existing definitions with native Kubernetes configuration formats, such as YAML or JSON, to store your multi-cluster policies.

Bring the power of source control to config management

Stage your configuration changes in separate branches, collaborate on code reviews, and easily revert clusters to their last healthy state.

Namespace aware

Flexibly configure different policies for groups of clusters or namespaces. For example, you can apply different quota levels to staging vs. production resources.

Active monitoring

Prevent configuration drift with continuous monitoring of your cluster state, using the declarative model to apply policies that enforce compliance.

CSP products

Was this page helpful? Let us know how we did: