Skip to main content

FAQ

Is Konfigurate a Platform as a Service (PaaS)?

Konfigurate is not exactly a PaaS, but it provides many of the same benefits without the usual constraints. A PaaS provides a platform allowing developers to build, deploy, and manage applications without worrying about the underlying infrastructure. Typically this abstracts infrastructure such as the application runtime, databases, caches, queues, and other middleware. This allows developers to focus more on product and feature development and less on infrastructure configuration and management. The trade-off, typically, is a PaaS tends to be quite rigid in its opinionations and can have vendor lock-in concerns.

Konfigurate similarly provides abstractions for infrastructure in the form of Resource Templates, and the Control Plane handles provisioning and managing the infrastructure. The infrastructure itself, however, is not hidden from developers in any way. Instead, Konfigurate acts as an orchestrator for the cloud platform, working to configure and create Resources, manage IAM, and ensure the infrastructure matches the desired state. Through this lens, Konfigurate is more akin to Infrastructure as Code (IaC).

Unlike a PaaS, with Konfigurate you have the full breadth of the underyling cloud platform at your disposal. What Konfigurate does is expose it in a way that allows developers to work more efficiently, securely, and conforming to organizational standards and controls. A platform or operations team can manage cloud governance and enterprise standards for their organization through Platforms, Domains, and Resource Templates. This means developers can once again focus on product and feature development, but if they hit a constraint with Konfigurate, they have a means to resolve it. This concept is something we call an escape hatch.

Are platforms other than GitLab and Google Cloud supported?

Today, Konfigurate only supports GitLab and Google Cloud Platform (GCP). We are actively exploring support for GitHub and Amazon Web Services (AWS). If Konfigurate interests you but it doesn't support your platform, please reach out and let us know.

Does Konfigurate work with Terraform?

Partly. At a high level, Konfigurate is comprised of two layers: the Platform Layer and the Workload Layer. Terraform or other IaC tools can be used in combination with the Platform Layer, but you'll lose many of the benefits of the Workload Layer.

The Platform Layer is responsible for establishing an enterprise-grade platform spanning source control, CI/CD, and cloud provider. This includes things like establishing project structures in the cloud environment and source control system, creating IAM resources for allowing CI/CD pipelines to authenticate with the cloud environment, managing access control and governance, and configuring foundational infrastructure like VPCs.

The Workload Layer is responsible for managing Workloads and their associated Resources. This includes provisioning infrastructure, managing IAM, and ensuring Resources are in a running state and that configuration is correct. In this sense, the Workload Layer is an IaC solution with some opinionation. In particular, Konfigurate builds upon and extends GCP's Config Connector, which is an operator that allows you to manage your Google Cloud infrastructure the same way you manage Kubernetes applications. While the Workload Layer is opinionated, this model allows you to step outside of Konfigurate's opinions when needed. See above for more on this.

If using Terraform, the Platform Layer would effectively create and manage the underlying platform that Terraform would deploy resources into. It would also provide credentials to allow Terraform to securely authenticate. However, with this model, the developer would be responsible for implementing their infrastructure and IAM using Terraform and wiring everything together. You would lose the benefits of the Workload Layer, such as Resource Templates and automatic IAM, as well as many of the benefits of the Konfigurate UI. You would, however, still gain the governance provided by Platforms and Domains.

Can I self-host Konfigurate?

Currently, Konfigurate is only available as a dedicated managed SaaS. If you are interested in self-hosting Konfigurate, please contact us.

Does Konfigurate have "root" access to my GCP organization and GitLab?

Konfigurate's access is limited and can be revoked at any time. It is designed with security as a foundational principle. You can read more about Konfigurate's security model here.