diff --git a/docs/docs/basics/features.md b/docs/docs/basics/features.md index e69de29bb2..6ae529ff0b 100644 --- a/docs/docs/basics/features.md +++ b/docs/docs/basics/features.md @@ -0,0 +1,15 @@ +# Product Features + +Contrast simplifies the deployment and management of Confidential Containers, offering optimal data security for your workloads while integrating seamlessly with your existing Kubernetes environment. + +From a security perspective, Contrast employs the [Confidential Containers](confidential-containers.md) concept and provides the corresponding [security benefits](security-benefits.md), shielding your entire deployment from the underlying infrastructure. + +From an operational perspective, Contrast provides the following key features: + +* **Managed Kubernetes Compatibility**: Initially compatible with Azure Kubernetes Service (AKS), Contrast is designed to support additional platforms such as AWS EKS and Google Cloud GKE as they begin to accommodate confidential containers. + +* **Lightweight Installation**: Contrast can be integrated as a [day-2 operation](../getting-started/install.md) within existing clusters, adding minimal [components](../architecture/overview.md) to your setup. This facilitates straightforward deployments using your existing YAML configurations, Helm charts, or Kustomize, enabling native Kubernetes orchestration of your applications. + +* **Remote Attestation**: Contrast generates a concise attestation statement that verifies the identity, authenticity, and integrity of your deployment both internally and to external parties. This architecture ensures that updates or scaling of the application do not compromise the attestation’s validity. + +* **Service Mesh**: Contrast securely manages a Public Key Infrastructure (PKI) for your deployments, issues workload-specific certificates, and establishes transparent mutual TLS (mTLS) connections across nodes. This is done by harnessing the [envoy proxy](https://www.envoyproxy.io/) to ensure secure communications within your Kubernetes cluster.