Architecture

How ops0 works under the hood.

Platform Overview

ops0 Platform

Web UI

AI Engine

Workflows

IaC Runtime

Policies

State Storage

↓↓↓

AWS / GCP / Azure

GitHub / GitLab

Kubernetes

Core Components

Web UI & Editor

• Monaco-based code editor

• Real-time resource graph

• Visual workflow builder

AI Engine

• Code authoring from natural language

• Incident analysis & root cause

• Infrastructure Q&A

IaC Runtime

• Terraform, OpenTofu, Oxid (Pulumi upcoming)

• Isolated container execution

• Scoped credentials per run

Policy Engine

• OPA (Open Policy Agent)

• Rego policy language

• Pre-deployment validation

Policy Evaluation Flow

Terraform Plan

→

JSON

→

OPA + Rego

→

Pass / Fail

State Storage

Encrypted

AES-256

Versioned

Full history

Locked

No conflicts

Backed up

Daily

Integrations

Cloud Providers

AWS

IAM Role + cross-account trust

No stored credentials

GCP

Workload Identity Federation

Short-lived tokens

Azure

Service Principal + OIDC

Federated credentials

Kubernetes (ops0 Agent)

Your Kubernetes Cluster

Your Pods

ops0 Agent

• Watches pods, nodes, events

• Collects logs on demand

• Detects incidents

↓ TLS (outbound only)

ops0 Platform

Outbound only

Read-only access

Namespace scoped

No persistent storage

Git Providers

GitHub / GitLab

← Webhooks (PR, push)

→ Clone, comments, checks

ops0

Security

TLS 1.3 in transit

AES-256 at rest

Short-lived tokens

Isolated containers

Access Control

SSO

SAML, OIDC

RBAC

Role-based

MFA

Enforced

Audit

Full logs

Deployment Options

SaaS

Hosted at brew.ops0.ai

Managed infrastructure

Automatic updates

Single-Tenant

Dedicated instance

Custom domain

Enhanced isolation

Self-Hosted

Your environment

Full data sovereignty

Air-gapped option

Available for Enterprise customers

Self-Hosted and Enterprise

Self-hosted and single-tenant deployments are available for Enterprise customers. These options include full data sovereignty, air-gapped environments, custom domains, and dedicated support. Contact sales to learn more about Enterprise deployment options.

Next Steps

Quick Start

Get up and running in 5 minutes

Integrations

Connect AWS, GitHub, Slack