Secure-by-default managed control plane, built for production.
Security isn't an add-on. It's how K8S Engine is designed from the ground up: least privilege, encryption, auditing, and clear operational boundaries.
Security pillars
Secure connectivity
- Outbound-first connectivity model for nodes
- Mutual TLS and certificate rotation
- Minimal exposed surface area
Control plane hardening
- Managed etcd with encryption-at-rest and backups
- Strict separation of tenant boundaries
- Continuous monitoring and operational controls
Identity & access
- RBAC with least privilege
- OIDC SSO (Azure AD / Okta / Google Workspace)
- MFA support
- Scoped API tokens for automation
Audit and traceability
- Immutable audit logs for cluster actions
- Node Pool changes tracked
- Provider credential usage logged
- Scaling decisions recorded
- Access changes audited
Security FAQ
Questions procurement and security teams commonly ask.
Who can access my cluster?
Access is governed via RBAC and your configured identity provider. K8S Engine supports scoped kubeconfigs and revocation. You control who gets access and at what level.
Do you access my workloads?
K8S Engine operates the control plane. Workload access remains controlled by your RBAC policies and your infrastructure boundaries. We don't run agents on your nodes that access workload data.
What about provider credentials?
Stored encrypted and scoped per project. All actions using credentials are logged. Rotation is supported and recommended on a regular schedule.
Compliance & certifications
We are working toward SOC 2 Type II certification. Enterprise customers can request our security documentation, penetration test summaries, and compliance reports.