Skip to main content

Otterize is a platform for automating workload IAM (access control) for workloads on Kubernetes. Each workload declares what it needs in order to function, and a Kubernetes operator figures out the policies that need to be created. This concept is called Intent-Based Access Control (IBAC).

For each kind of supported IAM mechanism (such as Kubernetes Network Policies, AWS IAM policies), Otterize can automatically learn the required ClientIntents.

Otterize is composed of three open-source and standalone components (the intents operator, credentials operator and network mapper) you deploy on your cluster, as part of a single Helm chart, which handle enforcement, and Otterize Cloud, which supplements them with additional features.

Learn about how Otterize works by reading below, or jump into one of the tutorials below to see how it works hand-on.


Features & tutorials

Otterize makes it easy to automate and visualize workload IAM for your Kubernetes clusters across a variety of platforms. Explore each to learn how it works, and see its quickstart tutorials.


Automating workload IAM

Visualizing network traffic and data access