Security architecture overview

Security architecture overview

YugabyteDB Managed security architecture and shared responsibility model

YugabyteDB Managed is a fully managed YugabyteDB-as-a-Service that allows you to run YugabyteDB clusters on public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

YugabyteDB Managed uses a shared responsibility model, where security and compliance is a shared responsibility between public cloud providers, Yugabyte, and YugabyteDB Managed customers.

The YugabyteDB Managed architecture is secure by default, and uses the following features to protect clusters and communication between clients and databases:

  • encryption in transit
  • encryption at rest
  • limited network exposure
  • authentication
  • role-based access control for authorization

For information on how to configure the security features of clusters in YugabyteDB Managed, refer to Secure clusters in YugabyteDB Managed.