Thalassa CloudOur Roadmap for the Thlassa Cloud Platform.
Below is an snapshot of the Thalassa Cloud roadmap, grouped by timeline with the current development status.
| Status | Description |
|---|---|
| completed | Development completed and shipped |
| in progress | Actively being worked on |
| design | In design or PoC phase |
| planned | Planned for implementation |
| gathering input | We’re gathering feedback and shaping the scope |
| Category | Feature | Description | Status |
|---|---|---|---|
| IaaS | Core Infrastructure | VPCs, NAT Gateways, Load Balancers, VMs, and Block Storage | completed |
| IaaS | HA NAT gateways | Highly Available NAT gateway across multi-zones support | completed |
| IaC | Terraform Provider | Terraform provider for managing Thalassa Cloud resources | completed |
| CLI | tcloud CLI | Command-line tool for interacting with Thalassa Cloud | completed |
| Kubernetes | Managed Kubernetes | High-quality Kubernetes service built for production | completed |
| FinOps | Cost Explorer | Resource usage tracking and initial cost breakdown | completed |
| Networking | VPC Firewall | Subnet- and VPC-level firewall configuration | completed |
| Kubernetes | kubernetes v1.33 | Support Kubernetes v1.33 | completed |
| Networking | Internal DNS resolvers | New HA Internal DNS resolvers for upstream resolution | completed |
| Security | Audit Logging | Platform-wide audit logging | completed |
| Kubernetes | RBAC with IAM | Integrated RBAC tied to IAM users and roles | completed |
| Billing | Invoice Generation | Exportable monthly billing statements | completed |
| Billing | Payment Processor Integrations | Stripe, Mollie and others | completed |
| Kubernetes | Cloud Controller Manager | Integrated cloud controller manager for Kubernetes | completed |
| Kubernetes | CSI Controller | Container Storage Interface controller for Kubernetes | completed |
| IAM | System Service Accounts | Support for system service accounts | completed |
| Kubernetes | Kubernetes Dashboard | Web-based Kubernetes user interface | completed |
| Kubernetes | Kubernetes Cluster RBAC | Role-Based Access Control for Kubernetes clusters | completed |
| IaaS | Organisation Resource Quotas | Resource quotas at the organization level | completed |
| Networking | Loadbalancers: UDP Support | Support for UDP traffic in load balancers | completed |
These items are scheduled to be completed within the near future.
| Category | Feature | Description | Status |
|---|---|---|---|
| Operations | Public Cloud | Enabling open access to Thalassa Managed Public Cloud, allowing full self-service sign-up. | in progress |
| Databases | Managed PostgreSQL | Introducing our first managed database service with PostgreSQL. | in progress |
| Networking | Security Groups | Implementing assignable security groups for cloud services (IaaS, Kubernetes, etc). | in progress |
| IaaS | Object Storage | S3-compatible storage service for unstructured data. | in progress |
| IaaS | Snapshots & Backups | Providing volume snapshots and back-up services. | in progress |
| Networking | IPv6 & Dual Stack | Dual-stack (IPv4/IPv6) and IPv6 only networking support for all services. | in progress |
| Kubernetes | Auto Scaling Capabilities | Kubernetes with node pool autoscaling and update strategies. | design |
| Platform | Quick Launch Templates | Creating one-click deployment templates for common workloads. | design |
| Security | Automated Ingress Blocklists | Developing IP blocklists via threat intelligence feeds to automatically protect against malicious traffic. | design |
| Security | OIDC Based API Credentials | Implementing OIDC (OpenID Connect) based API credentials as a replacement for Personal Access Tokens. | design |
| Category | Feature | Description | Status |
|---|---|---|---|
| Compliance | ISO27001 | Achieve ISO 27001 certification for ISM | planned |
| Compliance | SOC2 | Obtain SOC2 | planned |
| Kubernetes | Automated Cluster Upgrades | Auto-upgrades for Kubernetes clusters | planned |
| Networking | VPC Peering | Internal connectivity between VPCs | planned |
| Networking | VPC Bastion | Bastion Service to allow SSH access to Virtual Machines within an VPC | planned |
| Networking | Reserved IP Addresses | Reserve and assign specific IP addresses to network services such as LBs and NAT Gateways | planned |
| Kubernetes | Container Registry | Provide fully integrated Container Registry for storing OCI artifacts | planned |
| IaaS | Custom Machine Images | Custom image support for organization-level control | planned |
| IAM | System Accounts | Support for service accounts and automation roles | planned |
| Projects | Allow logical seperation within an organisation using projects | Resource isolation within organizations | planned |
| Security | Web Application Firewall (WAF) | Layer 7 protection for apps | planned |
| Networking | L7 Load Balancing | HTTPS, TLS, and gRPC support | planned |
| Networking | Site-to-Site VPN Endpoints | Managed IPSec connectivity | planned |
| Observability | Managed Prometheus | Long-term metric storage | planned |
| Observability | Logging Access | Centralized access to platform logs | planned |
| PaaS | Initial Rollout | GitOps-ready deployment platform | planned |
| FinOps | Cost Explorer 2.0 | Labels, filters, and report scheduling | planned |
| Compliance | Audit & Compliance Center | Visual dashboard for audit data | planned |
| PaaS | Managed Secrets | Secure secret store for apps | planned |
| FinOps | Budget Limits & Alerts | Org-level cost controls and alerts | planned |
| Networking | Custom DNS Zones | Manage private DNS zones | gathering input |
| Services | Managed Kafka | Potential managed Kafka based on demand | gathering input |
| Services | Managed RabbitMQ / NATS | Messaging services as managed offerings | gathering input |
| Security | Customer Managed Encryption Keys | BYOK encryption for sensitive data | gathering input |
| Databases | Managed Valkey | Managed Valkey (Redis fork) | gathering input |
| Policy | Centralized Policy Engine (OPA) | Org-wide policy enforcement | gathering input |
| Policy | Change Approval Workflows | Require approval for sensitive operations | gathering input |
| Category | Feature | Description | Status |
|---|---|---|---|
| PaaS | Serverless Capabilities | Deploy apps without managing infra | gathering input |
| PaaS | Multi-Cluster Service Mesh | Unified networking across clusters and regions | planned |
| Ecosystem | Add-On Marketplace | Deploy certified third-party apps and integrations | gathering input |
Roadmap Priority and timeline
Time-line and roadmap items are an indication. Based on our internal and our customers’ requirements, items on our roadmap may have their timeline or priority updated.