CCC Managed Kubernetes Container Orchestration
Provides fully managed environments for running Kubernetes clusters without requiring users to handle control-plane operations like upgrades, patching, or high‑availability setups. They automate cluster provisioning, scaling, and integration with each provider’s native ecosystem, offering secure, reliable, and production‑ready Kubernetes deployments.
Release Details
Version:
DEV
Assurance Level:
Release Manager:
DB
Development Build
Contributors
DT
Development Team
Change Log
- Development build - no formal changelog available
Capabilities
| ID | Title | Description | Threat Mappings |
|---|---|---|---|
| CCC.K8S.F01 | Managed Kubernetes Control Plane | Provides a fully managed Kubernetes control plane that has high availability, with automatic updates and patching. | 0 |
| CCC.K8S.F02 | Managed Node Pool | Provides fully managed Kubernetes worker nodes (compute resources). These nodes are provisioned, updated, patched, and monitored for you by the service. | 0 |
| CCC.K8S.F03 | Virtual Nodes | Ability to have fully managed virtual compute resources to power Kubernetes worker nodes. This will eliminate the need to manage underlying nodes. | 0 |
| CCC.K8S.F04 | GPU Support | Support for GPU-accelerated workloads through integration of GPUs, enabling high-performance computing. | 0 |
| CCC.K8S.F05 | OCI Container Image Execution | Supports running containerized workloads using OCI-compliant images, providing an isolated execution environment for applications. | 0 |
| CCC.K8S.F06 | Container Registry Integration | Enables integration with public or private container registries to retrieve container images for execution. | 0 |
| CCC.ContOrch.F07 | Storage Integration | Supports attaching ephemeral or persistent storage volumes to running containers in the Kubernetes cluster. | 0 |
| CCC.K8S.F08 | Built-in Ingress Load Balancing | Built-in support for distributes incoming traffic across running container instances to optimize resource usage and availability. | 0 |
| CCC.ContOrch.F09 | Cluster Auto Scaling | Ability to automatically scale the number of worker nodes in the cluster based on workload demand, ensuring efficient resource utilization. | 0 |
| CCC.K8S.F10 | Private Cluster Endpoints | Ability to restrict access to the Kubernetes API server to private networks, ensuring the control plane is only accessible within your VPC. | 0 |
| CCC.K8S.F11 | Service Mesh Integration | Ability to integrate with managed service mesh offering by the cloud service provider for service discovery, traffic routing, observability, and security. | 0 |
| CCC.K8S.F12 | Secrets Integration | Ability to seamlessly integrate with cloud native secret manager service to securely manage and access secrets, such as API keys, database credentials, or certificates, within Kubernetes workloads. | 0 |
| CCC.K8S.F13 | Observability Tooling Integration | Ability integrate with Observability tooling such as Prometheus and Grafana to provide comprehensive monitoring, and visualization for Kubernetes clusters. | 0 |
| CCC.Core.CP01 | Encryption in Transit Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to transmission via a network interface. | 0 |
| CCC.Core.CP02 | Encryption at Rest Enabled by Default | The service automatically encrypts all data using industry-standard cryptographic protocols prior to being written to a storage medium. | 0 |
| CCC.Core.CP06 | Access Control | The service automatically enforces user configurations to restrict or allow access to a specific component or a child resource based on factors such as user identities, roles, groups, or attributes. | 0 |
| CCC.Core.CP14 | API Access | The service exposes a port enabling external actors to interact programmatically with the service and its resources using HTTP protocol methods such as GET, POST, PUT, and DELETE. | 0 |
| CCC.Core.CP19 | Resource Scaling | The service may be configured to scale child resources automatically or on-demand. | 0 |
| CCC.Core.CP22 | Location Lock-In | The service may be configured to restrict the deployment of child resources to specific geographic locations. | 0 |
| CCC.Core.CP23 | Network Access Rules | The service restricts access to child or networked resources based on user-defined network parameters such as IP address, protocol, port, or source. | 0 |
| CCC.Core.CP24 | Core Processing Units | The service provides users and child resources with access to core processing units (CPUs) for executing instructions and performing computations. | 0 |
| CCC.Core.CP25 | Random Access Memory Allocation | The service provides users and child resources with access to random access memory (RAM) for temporary data storage and fast data retrieval during processing tasks. | 0 |
| CCC.Core.CP26 | Persistent Storage | The service provides users and child resources with access to persistent storage for saving and retrieving data reliably over time. | 0 |
| CCC.Core.CP27 | Configurable Network Ports | The service allows users to configure network ports for communication, enabling flexibility in network management and integration with other services. | 0 |
| CCC.Core.CP28 | Command-line Interface | The service includes a component that reads and translates text into commands that can be executed by the service. | 0 |
| CCC.Core.CP29 | Active Ingestion | While running, the service can receive inputs, commands, or data streams from external sources such as dedicated APIs, exposed network ports, message queues, and persistent data ingestion channels. | 0 |