Security isn't a bolt-on. It's built into every layer.
You need SaaS convenience but can't hand over your cloud credentials. Your team is growing but secret sprawl is growing faster. Auditors want a trail for every infrastructure change.
Secrets management, identity and access control, and full audit trails are built into every layer of Planton — from how credentials are stored to how infrastructure changes are executed.
5+ Secret Backends
0 Plaintext in Production
100% Changes Audited
JIT Secret Resolution
Secrets Management
Store secrets encrypted at rest. Reference them by name, not by value — no plaintext in transit or at rest in production. Secrets are resolved just-in-time within the Runner's security boundary, never transiting the control plane.
SecretRef pattern — reference secrets by name in resource specs, never inline values
Encrypted storage with provider-native encryption at rest
Execution-time resolution — secrets are injected only when the stack job runs
SecretRef Pattern

apiVersion: gcp.openmcf.org/v1
kind: GcpCloudSqlInstance
metadata:
  name: production-db
spec:
  databasePassword:
    secretRef:
      name: db-password
      backend: gcp-secret-manager

Runner Trust Model
Runner executes IaC and operations in YOUR cloud. Credentials are resolved via your cloud provider's native IAM. The Planton control plane never sees them.
Just-in-time credential resolution via native cloud IAM — no long-lived secrets
Runner runs in your VPC with your security policies and network controls
Encrypted tunnel between Runner and control plane with verified identity on both sides
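The SecretRef pattern and the execution-time resolution described in the two sections above, as an added illustration (not Planton's code): a policy check that rejects inline values in secret-bearing fields, and a resolver meant to run only inside the execution boundary. The field-name heuristic, the backend-client interface and the sample spec are assumptions constructed for this example.

```python
"""Illustrative SecretRef policy check and execution-time resolver.
Constructed example, not Planton's implementation; the backend-client
interface (a callable taking a secret name) is an assumption."""
import re
from typing import Any, Callable

# Field names that should only ever carry a secretRef, never an inline value.
SECRET_FIELD = re.compile(r"password|secret|token|credential|apikey", re.IGNORECASE)


def find_inline_secrets(node: Any, path: str = "spec") -> list[str]:
    """Return dotted paths of secret-looking fields that are not a well-formed
    {"secretRef": {"name": ..., "backend": ...}} object (plaintext or partial ref)."""
    findings: list[str] = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}.{key}"
            if SECRET_FIELD.search(key):
                ref = value.get("secretRef") if isinstance(value, dict) else None
                if not (isinstance(ref, dict) and {"name", "backend"} <= set(ref)):
                    findings.append(child)
                continue  # a well-formed secretRef needs no further descent
            findings.extend(find_inline_secrets(value, child))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            findings.extend(find_inline_secrets(item, f"{path}[{i}]"))
    return findings


def resolve_secret_refs(node: Any, backends: dict[str, Callable[[str], str]]) -> Any:
    """Replace every secretRef with the value fetched from its named backend.
    Intended to run inside the Runner's boundary at stack-job time, never earlier,
    so the control plane only ever handles the reference, not the value."""
    if isinstance(node, dict):
        if set(node) == {"secretRef"}:
            ref = node["secretRef"]
            return backends[ref["backend"]](ref["name"])
        return {k: resolve_secret_refs(v, backends) for k, v in node.items()}
    if isinstance(node, list):
        return [resolve_secret_refs(v, backends) for v in node]
    return node


# Constructed sample spec mirroring the GcpCloudSqlInstance example above,
# plus a second field that violates the policy with an inline value.
SAMPLE_SPEC = {
    "databasePassword": {"secretRef": {"name": "db-password", "backend": "gcp-secret-manager"}},
    "replicationToken": "inline-value-that-should-not-be-here",
}

# Constructed stand-in for a backend client; a real one would call the provider API.
FAKE_BACKENDS = {"gcp-secret-manager": lambda name: f"resolved:{name}"}
```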
Runner (your VPC) <-- Encrypted Tunnel --> Planton Control Plane
Security at every layer of the stack
From secrets storage to zero-trust networking — every security control is native, not bolted on.
Multi-Backend Secrets
Bring your own secrets backend. Or use Planton's managed backend to get started in seconds.
Identity & Access
Human users and machine identities share one unified identity model. Fine-grained, relationship-driven access control.
Connection Security
All connections use typed SecretRef fields. OAuth tokens rotate automatically. GitHub App installations with zero user-managed secrets.
Zero-Trust Architecture
Encrypted tunnels with cryptographic identity for every Runner. No implicit trust between any component.
Every change has a story
Version history with Git-like commit messages. Color-coded diffs. Searchable audit log across all resources.
Version History
Git-like commit messages for every resource modification. Know who changed what and why.
Color-Coded Diffs
Compare any two versions of a resource with clear add/remove/update highlighting.
Searchable Audit Log
Search across all resources, environments, and identities. Stack job logs preserved for every execution.