SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Rafay Systems makes Zero-Trust Access and GitOps services open source
Wed, 13th Oct 2021
FYI, this story is more than a year old

Rafay Systems has announced the company plans to open source its zero-trust access and GitOps services to further empower developers.

With these changes, developers will be able to take advantage of and contribute to these services that are designed to reduce the complexities associated with securing access to and automating the ongoing operations of Kubernetes infrastructure and applications.

According to Rafay Systems, as Kubernetes has become a priority for enterprises, access to modern infrastructure and configuration management has proven to be a major challenge, particularly when leveraging multiple clouds or operating multiple Virtual Private Clouds (VPCs) in the same cloud environment.

Enterprises are also finding it difficult to enforce repeatable workflows for managing the ongoing operations of Kubernetes infrastructure and modern applications.

With the Zero-Trust Access and GitOps services available as open source projects, developers can address the multi-tenant access and automation requirements that these services were built to address.

Developers can also collaborate with project contributors to further advance on-premises, hybrid, multi-cloud and edge use cases.

These two services are the first of many that Rafay intends to open source over time, according to a statement from the company.

More specifically, Rafay's Zero-Trust Access service enables controlled, audited access for developers, SREs and automation systems to Kubernetes infrastructure, with just-in-time service account creation and user-level credentials management, and can be integrated with an enterprise's in-place RBAC/SSO solution.

According to the company, by powering access to Kubernetes infrastructure from anywhere, Rafay's Zero-Trust Access service:

  • Centralises access control to entire fleets of Kubernetes clusters, regardless of where the user or system seeking access is located
  • Secures kubectl access to all clusters with integrated enterprise RBAC/SSO
  • Ensures compliance with internal security policies and industry regulations
  • Provides immutable audit trails of all user and system access

Meanwhile, GitOps is an efficient approach to continuous deployment (CD) that leverages Git as a single source of truth for both infrastructure and applications, Rafay states.

By being declarative, it provides for better standardisation, enhanced security, and ultimately, improved productivity, the company states.

With Rafay's GitOps Service, enterprises can:

  • Programmatically construct multi-stage pipelines for both applications and clusters
  • Fully automate deployments and remove error prone, manual steps
  • Guarantee that the desired state specified in Git repos are instantly enforced on Kubernetes clusters
  • Implement easy-to-use controls enabling developers and operations teams to collaborate delivering modern applications faster without sacrificing enterprise-level governance

Rafay Systems CEO Haseeb Budhani says, “As a member of the Cloud Native Computing Foundation (CNCF), we are extremely excited to deepen our engagement with the open source community.

"By open sourcing Zero-Trust Access and GitOps services, we are doing our part in furthering the community's goals of making cloud-native computing ubiquitous.

"We look forward to the community embracing these projects, and are eager to engage with developers and DevOps professionals who are open to partnering with the current cadre of contributors focused on accelerating Kubernetes adoption in enterprises.

Rafay SVP of engineering and operations Hemanth Kavuluru says, “Modern infrastructure deserves modern approaches to technical challenges. Managing Kubernetes at scale is not only becoming more challenging and onerous, but also comes with great risk.

"We're always looking for new ways to automate infrastructure and application deployments with security and access control in mind. We look forward to sharing these technical capabilities with the developers and are excited to see how far we can extend these services in partnership with the cloud-native community.

Rafay is a member of the Cloud Native Computing Foundation (CNCF) and is a Certified Kubernetes Service Provider.