Skip to main content
OwnKube operates as a control plane that manages infrastructure in your cloud account. Your code, data, and compute never leave your environment.

Architecture overview

┌──────────────┐      ┌──────────────────┐      ┌──────────────┐
│   Developer   │──────│  OwnKube control │──────│  Your AWS    │
│   (git push)  │      │     plane        │      │  account     │
└──────────────┘      └──────────────────┘      └──────────────┘
                        │ Build & deploy │         │ Your VPC   │
                        │ Monitor & heal │         │ Your data  │
                        │ Optimize costs │         │ Your rules │

Connect, deploy, ship

1

Connect your cloud account

Securely connect your AWS account with a least-privilege IAM role. OwnKube provisions the base infrastructure in your account. We never see your application data.
2

Deploy your first app

Push your code via Git. OwnKube auto-detects your framework, builds your container, and handles zero-downtime rollouts. No pipeline configuration required.
3

Ship and forget

From day one, your platform monitors infrastructure — detecting errors, optimizing costs, and tuning performance. Ship features while OwnKube handles operations.

What runs where

ComponentLocationDetails
Your applicationsYour AWS accountRuns inside your VPC on your compute
Your databasesYour AWS accountProvisioned in your VPC with encryption at rest
OwnKube control planeOwnKube managedOrchestrates deployments and intelligent operations
Build pipelineOwnKube managedBuilds are executed securely and artifacts pushed to your ECR

Security model

  • Least-privilege access — OwnKube only requests the minimum IAM permissions needed
  • No data egress — application data stays in your account
  • Vanilla infrastructure — standard Kubernetes, no proprietary lock-in
  • Disconnect anytime — your infrastructure keeps running without OwnKube