How are resources isolated?

Have more questions? Submit a request

Each Atlan customer has their own isolated set of nodes within Kubernetes.

  • Our deployments isolate all running services. This includes the metastore and its persistence in Cassandra and Elasticsearch.
  • The backing persistence for these services is also isolated through distinct AWS VPCs.

Multi-tenant

For multi-tenant deployments:

  • The underlying Kubernetes control plane and networking layer (coredns) are shared between tenants. Loft helps virtualize and isolate these logically.
  • The compute resources (nodes, nodegroups) and storage are physically isolated between tenants.
  • Only Atlan's cloud team is able to manage the AWS resources across these levels of isolation.

Single-tenant

For single-tenant deployments:

  • The underlying compute resources are isolated through distinct AWS EKS clusters. In addition to compute resources and storage, this also physically isolates the control plane and networking.
  • Distinct AWS sub-accounts are also used to further isolate the AWS VPCs used for backing persistence.
  • Only Atlan's cloud team is able to manage the AWS resources across these sub-accounts.

Related articles

Was this article helpful?
0 out of 0 found this helpful