Skip to main content

How are resources isolated?

Each Atlan customer has their own isolated set of compute nodes within Kubernetes.

  • Each Atlan tenant isolates all running services. Each tenant contains an isolated Cassandra, Elasticsearch, and object storage, with distinct IAM roles.
  • The underlying Kubernetes control plane is shared between tenants. To achieve logical isolation, Loft's virtual clusters are implemented.
  • The compute resources (nodes, nodegroups) and storage are physically isolated between tenants.
  • Only Atlan's cloud team is able to manage the AWS, Azure, and GCP resources across these levels of isolation.

See security.atlan.com for the latest policies and standards, reports and certifications, architecture, diagrams and more.