# Security

Union.ai provides a production-grade workflow orchestration platform built on Flyte, designed for AI/ML and data-intensive workloads.
Security is foundational to Union.ai’s architecture, not an afterthought.
This document provides a comprehensive overview of Union.ai’s security practices, architecture, and compliance posture for enterprise security professionals evaluating the platform.

Union.ai’s security model is built on several core principles:

* **Data residency:** Customer data is stored and computed only within the customer's compute plane. The Union.ai control plane stores only orchestration metadata—no task inputs, outputs, code, logs, secrets, or container images.
* **Architectural isolation:** A strict separation between the Union-hosted control plane and the customer-hosted compute plane ensures that the blast radius of any control plane compromise does not extend to customer data.
* **Outbound-only connectivity:** The Cloudflare Tunnel connecting the control plane to the compute plane is outbound-only from the customer’s network, requiring no inbound firewall rules. All communication uses mutual TLS (mTLS) and is authenticated using the customer's Auth / SSO.
* **Compliance:** Union.ai is SOC 2 Type II certified for Security, Availability, and Integrity, with practices aligned to ISO 27001 and GDPR standards. Union is designed to meet HIPAA compliance requirements for handling Protected Health Information (PHI) and maintains CIS 1.4 AWS certification while pursuing CIS 3.0 certification (in progress). The Union.ai trust portal can be found at [trust.union.ai](https://trust.union.ai).
* **Defense in depth:** Multiple layers of encryption, authentication, authorization, and network segmentation protect data throughout its lifecycle.
* **Human / operational isolation:** Union.ai personnel access the customer's control plane UI only through authenticated, RBAC-controlled channels. Personnel do not have IAM credentials for customer cloud accounts and cannot directly access customer data stores, secrets, or compute infrastructure. In BYOC deployments, Union.ai additionally has [K8s cluster management access](https://www.union.ai/docs/v2/byoc/security/byoc-differences/page.md#human-access-to-customer-environments).

## Deployment models

Union.ai offers two deployment models, both sharing the same control plane / compute plane architecture and security controls described in this document.

In **Self-Managed** deployments, the customer operates their compute plane independently; Union.ai has zero access to the customer’s infrastructure, with the Cloudflare Tunnel as the only connection.

In **BYOC** deployments, Union.ai manages the Kubernetes cluster in the customer’s cloud account via private connectivity (PrivateLink/PSC), handling upgrades, monitoring, and provisioning while maintaining strict separation from customer data, secrets, and logs.

The core security architecture—encryption, RBAC, tenant isolation, presigned URL data access, and audit logging—is identical across both models. Sections where operational responsibilities differ are noted inline. [BYOC deployment differences](https://www.union.ai/docs/v2/byoc/security/byoc-differences/page.md) provides a detailed comparison.

## Subpages

- [Company overview](https://www.union.ai/docs/v2/byoc/security/company-overview/page.md)
  - Platform capabilities
  - Deployment models
- [Security architecture](https://www.union.ai/docs/v2/byoc/security/security-architecture/page.md)
  - Control plane / compute plane separation
  - Control plane (Union.ai hosted)
  - Compute plane (customer hosted)
  - Network architecture
  - Cloudflare tunnel (outbound-only)
  - Control plane tunnel (outbound only)
  - Communication paths
  - Data flow architecture
  - Presigned URL pattern
  - Streaming relay pattern
- [Data protection](https://www.union.ai/docs/v2/byoc/security/data-protection/page.md)
  - Data classification
  - Encryption at rest
  - Encryption in transit
  - Data residency and sovereignty
  - Compute plane
  - Control plane
- [Identity and access management](https://www.union.ai/docs/v2/byoc/security/identity-and-access-management/page.md)
  - Authentication
  - Authorization (RBAC)
  - Organization isolation
  - Database-layer isolation
  - Compute plane isolation
  - Control plane service isolation
  - Isolation verification
  - Human access to customer environments
  - Current access model
  - Access scope and limitations
  - Audit trail
  - Least privilege principle
- [Secrets management](https://www.union.ai/docs/v2/byoc/security/secrets-management/page.md)
  - Secrets architecture
  - Secret lifecycle
  - Creation
  - Consumption
  - Write-only API
  - Secret scoping
- [Infrastructure security](https://www.union.ai/docs/v2/byoc/security/infrastructure-security/page.md)
  - Kubernetes security
  - Container security
  - IAM and workload identity
  - Control plane infrastructure
  - Availability, response time, and resilience
  - Control plane availability
  - Compute plane resilience during control plane outages
- [Logging, monitoring, and audit](https://www.union.ai/docs/v2/byoc/security/logging-monitoring-and-audit/page.md)
  - Task logging
  - Observability metrics
  - Audit trail
  - Incident response
- [Compliance and certifications](https://www.union.ai/docs/v2/byoc/security/compliance-and-certifications/page.md)
  - Certifications overview
  - Standards compliance
  - HIPAA compliance
  - GDPR alignment
  - Trust Center
  - Shared responsibility model
- [Workflow execution security](https://www.union.ai/docs/v2/byoc/security/workflow-execution-security/page.md)
  - Task registration
  - Run creation and execution
  - Result retrieval
  - Data flow summary
- [Multi-cloud and region support](https://www.union.ai/docs/v2/byoc/security/multi-cloud-and-region-support/page.md)
  - Supported cloud providers
  - Supported regions
  - Consistent security across clouds
- [Organizational & physical security practices](https://www.union.ai/docs/v2/byoc/security/organizational-security-practices/page.md)
  - Employee security lifecycle
  - Governance & organizational controls
  - Security development lifecycle
- [Component architecture](https://www.union.ai/docs/v2/byoc/security/components-architecture/page.md)
  - Component architecture
  - Executor
  - Apps and serving
  - Object store service
  - Log provider
  - Image builder
  - Tunnel service
- [Vulnerability and risk management](https://www.union.ai/docs/v2/byoc/security/vulnerability-and-risk-management/page.md)
  - Vulnerability assessment
  - Patch management
  - Threat modeling
  - Control plane compromise
  - Tunnel interception
  - Presigned URL leakage
  - Security architecture benefits
  - Third-party dependency risk
- [BYOC deployment differences](https://www.union.ai/docs/v2/byoc/security/byoc-differences/page.md)
  - Overview
  - Network architecture
  - Human access to customer environments
  - Secrets management
  - Infrastructure management
  - IAM role provisioning
  - Compute plane patching
  - Availability and resilience
  - Third-party dependency risk
  - Shared responsibility model
  - HIPAA and compliance
  - Contact and resources
- [Security FAQ](https://www.union.ai/docs/v2/byoc/security/security-faq/page.md)
  - Does Union.ai store any of my data?
  - Can Union.ai access my data?
  - What happens if the Union.ai control plane is compromised?
  - Do I need to open inbound firewall rules?
  - Can I use my own encryption keys?
  - Is there an API to read secret values?
  - How does Union.ai handle multi-tenancy?
  - What compliance certifications does Union.ai hold?
- [Appendix](https://www.union.ai/docs/v2/byoc/security/appendix/page.md)
  - A: Data residency summary
  - B: Presigned URL data types
  - C: Kubernetes RBAC - control plane
  - D: Kubernetes RBAC - compute plane
  - Union core services (compute plane)
  - Observability and monitoring
  - E: AWS IAM roles
  - Contact and resources

---
**Source**: https://github.com/unionai/unionai-docs/blob/main/content/security/_index.md
**HTML**: https://www.union.ai/docs/v2/byoc/security/
