Security & Access Control
This page covers networking, security and access control provisions that Galileo deployments enable
Networking / Firewalls
Air-Gapped Deployments
Galileo’s fully air-gapped deployments provide enterprises with a solution for deploying Kubernetes clusters in non-cloud environments, enabling them to securely and efficiently run their applications within their own enterprise networks or VPCs, without the need for external connectivity or reliance on cloud infrastructure.
With air-gapped deployments, organizations maintain complete control and autonomy over their Kubernetes clusters, ensuring the utmost security, privacy, and compliance with internal policies and regulations. This eliminates the need for internet connectivity or external dependencies, making it suitable for sensitive environments where data integrity and confidentiality are paramount.
This ensures that the cluster remains isolated from external networks, minimizings the potential attack surface area. All components, including master nodes, worker nodes, and control plane components, operate solely within the confines of the enterprise network or VPC.
Configurable Ingress / Egress
Galileo’s endpoints and load-balancers can be customized during deployment to handle various combinations of limited access to both internal and external environments. This includes all combinations of ingress and egress to both types of environments.
If your provider is not listed above, additional SSO providers can be added on-demand as per customer requirements.
Access Control
Galileo deployments have a default settings of having all projects and runs private (only visible to the user who creates them), with invite-only sharing turned on by default.
Galileo also has 2 default roles: Admin & User. Admins have the ability to grant / revoke user access
Galileo provides configurable access-control mechanisms (Role-based access) for enterprises / teams with custom access requirements.
Was this page helpful?