The data is stored using the openebs-localpath PVC storage class, leveraging the default Linux-enabled encryption set up within the customer’s infrastructure (by customer’s sysadmin). If AWS is used for storage, the app is compatible with buckets encrypted using AWS KMS.
Istio STRICT mode enables end-to-end encryption in Kubernetes clusters by using mutual TLS (mTLS) for secure service-to-service communication.Kubernetes secrets are stored in etcd in a base64-encoded format.
Organizations represent the highest granularity multi-tenancy. Users in separate organizations do not share translation data, user accounts or other project information.
Within an organization, LILT manages application access through role-based access control. For more information, visit our public article /kb/role-based-access-control .LILT Domains allows organizations to segment their workflows by assigning resources—such as users, models, and preferences—to specific domains.
Application access to backend services is managed through Kubernetes service accounts and secrets. These details can be configured during the application setup.
