| title | description | has_children | has_toc | nav_order |
|---|---|---|---|---|
lakeFS Enterprise |
lakeFS Enterprise is an enterprise-ready lakeFS solution providing additional features including RBAC, SSO and Support SLA. |
true |
false |
110 |
lakeFS Enterprise is a commercially-supported version of lakeFS, offering additional features and functionalities that meet the needs of organizations from a production-grade system.
lakeFS Enterprise was built for organizations that require the support, security standards and features required of a production-grade system and are not using public clouds, hence they cannot use [lakeFS Cloud]({% link cloud/index.md %}).
- Support: the lakeFS team is committed to supporting you under an SLA for both issues and product enhancements.
- Security: Full support for a suite of security features and additional lakeFS functionality.
With lakeFS Enterprise you’ll receive access to the security package containing the following features:
- A rich [Role-Based Access Control]({% link security/rbac.md %}) permission system that allows for fine-grained control by associating permissions with users and groups, granting them specific actions on specific resources. This ensures data security and compliance within an organization.
- To easily manage users and groups, lakeFS Enterprise provides SSO integration (including support for SAML, OIDC, ADFS, Okta, and Azure AD), supporting existing credentials from a trusted provider, eliminating separate logins.
- lakeFS Enterprise supports [SCIM]({% link howto/scim.md %}) for automatically provisioning and deprovisioning users and group memberships to allow organizations to maintain a single source of truth for their user database.
- [STS Auth]({% link security/sts-login.md %}) offers temporary, secure logins using an Identity Provider, simplifying user access and enhancing security.
- [Authentication with AWS IAM Roles]({% link security/external-principals-aws.md %}) allows authentication using AWS IAM roles instead of lakeFS credentials, removing the need to maintain static credentials for lakeFS Enterprise users running on AWS.
- [Auditing]({% link reference/auditing.md %}) provides a detailed action log of events happening within lakeFS, including who performed which action, on which resource - and when.
- [lakeFS Mount]({% link reference/mount.md %}) allows users to virtually mount a remote lakeFS repository onto a local directory. Once mounted, users can access the data as if it resides on their local filesystem, using any tool, library, or framework that reads from a local filesystem.
- [Transactional Mirroring]({% link howto/mirroring.md %}) - allows replicating lakeFS repositories into consistent read-only copies in remote locations.
| Feature | OSS | Enterprise |
|---|---|---|
| Format-agnostic data version control | ✅ | ✅ |
| Cloud-agnostic | ✅ | ✅ |
| Zero Clone copy for isolated environment | ✅ | ✅ |
| Atomic Data Promotion (via merges) | ✅ | ✅ |
| Data stays in one place | ✅ | ✅ |
| Configurable Garbage Collection | ✅ | ✅ |
| Data CI/CD using lakeFS hooks | ✅ | ✅ |
| Integrates with your data stack | ✅ | ✅ |
| Role Based Access Control (RBAC) | ✅ | |
| Single Sign On (SSO) | ✅ | |
| SCIM Support | ✅ | |
| IAM Roles | ✅ | |
| Mount Capability | ✅ | |
| Audit Logs | ✅ | |
| Transactional Mirroring (cross-region) | ✅ | |
| Support SLA | ✅ |
You can learn more about the [lakeFS Enterprise architecture]({% link enterprise/architecture.md %}), or follow the examples in the [Quickstart guide]({% link enterprise/getstarted/quickstart.md %}).