Enforce Data Residency Across Cloud Regions Using a Zero Trust Kubernetes Framework

Learn more about Mirantis k0rdent AI: https://www.mirantis.com/software/mirantis-k0rdent-ai/ More sovereign cloud solutions from Mirantis: https://www.mirantis.com/gpu-platform-as-a-service/#sovereign-cloud Slide deck: https://docs.google.com/presentation/d/1atf5Gfx8ZoXEjlS5ufKutPKwZA7vC7eiDYDtbAXb6Zo/edit?usp=sharing If a region is legally compromised - or a government order is issued in another jurisdiction - can you prove that customer data elsewhere is technically unreachable? Not just on paper, but by design? This webinar hosted by Martin Stadler, Field CTO for AI Infrastructure at Mirantis, covers a real sovereign cloud architecture built on k0rdent by Mirantis, a multi-cluster Kubernetes management platform. With k0rdent, data sovereignty is enforced at three levels: ❶ Network isolation: regions operate default-deny with no implicit east–west trust. Connectivity exists only via explicit interconnect. ❷ Data in transit: each region runs its own certificate chain. mTLS is enforced with region-scoped intermediates, meaning cross-region authentication fails at the TLS layer, even if routing exists. ❸ Data at rest: control-plane secrets are encrypted with region-bound, HSM-backed keys (KMS v2). Object storage (S3, Blob, OpenStack Swift) stores encrypted artifacts only. Without the regional key, data is unreadable. You'll also get practical guidance on certificate lifecycle management (LCM) at scale, sovereign disaster recovery that rebuilds a region without violating data residency, and running this across any cloud provider including AWS, Azure, OpenStack, and even on bare metal. Built for cloud providers developing EU or national sovereign offerings who need to make sovereignty technically defensible - not operationally assumed - this session will give you the roadmap for ensuring data sovereignty across your entire Kubernetes environment. 🖥️ For more on demand and upcoming webinars proctored by the teams at Mirantis, please visit: https://www.mirantis.com/cloud-webinars/ 📚 For more informative resources about Mirantis, our solutions and areas of expertise, please check out our resource library: https://www.mirantis.com/resources/ #cloudnative #kubernetes #k8s #datasovereignty #sovereigncloud #aiinfrastructure #platformengineering #multicloud #k0rdent Learn more about Mirantis: https://www.mirantis.com/ Mirantis Enterprise Support: https://www.mirantis.com/support/enterprise-support-options/ Read the Mirantis Blog: https://www.mirantis.com/blog/ Cloud Native & Kubernetes Resources: https://www.mirantis.com/cloud-native-cookbook/ Mirantis Training: https://training.mirantis.com/ Questions? Contact us today: https://www.mirantis.com/contact/ CHAPTERS 0:00 - Intro 1:11 - Webinar agenda 1:29 - Background on current platforms 2:17 - k0rdent Zero Trust architecture 8:40 - How to build a trust foundation 13:28 - End to end Zero Trust flow 26:59 - Workload placement = Trust in action 35:56 - From request to result, everything verified 38:19 - Summary of outcomes 39:05 - Outro