QueryPie KAC
Kubernetes Access Controller

QueryPie KAC is a Kubernetes API protection solution designed for centralized management of cloud infrastructures such as AWS EKS or any other on-premise Kubernetes clusters. With KAC, administrators can perform granular Kubernetes access management, monitor the Kubernetes APIs requested by users, and replay their container command executions.

4 Key Features of KAC

Access Control

Manage access permissions across Kubernetes clusters with our integrated RBAC system, ensuring granular control and authorized resource access based on user roles.

Automatic Access
Permission Acquisition

Automatically register admin access permissions for cloud-based Kubernetes clusters like AWS EKS by simply assigning IAM permissions.

Audit Logging
& Session Recording

Gain visibility into user actions across multiple clusters in near real-time with audit logs and pod session recordings.


Simply select desired clusters within granted roles and access policies with "kubeconfig" files automatically generated by QueryPie Agent.

How QueryPie KAC Works

QueryPie seamlessly integrates into existing Kubernetes environments.
Administrators can integrate with identity providers such as Okta to manage user lifecycles for their Kubernetes API access. Users can request authorized Kubernetes resources via API using their existing third-party clients, while their 'kubectl' commands pass through QueryPie's internally developed proxy for access control and audit.

Entirely Protect Your Kubernetes

QueryPie promotes comprehensive Kubernetes protection, encompassing both within and outside of namespaces. While QueryPie SAC is dedicated to meticulous access control and audit of SSH connections to Kubernetes nodes, QueryPie KAC specializes in the sophisticated governance and auditing of API interactions for Kubernetes resources atop these nodes.

Get Started today!

Let us show you how QueryPie can transform the way you govern and share your sensitive data.

Request a Demo