Docs Cloud Get Started Introduction to Redpanda Cloud Redpanda Cloud Overview Redpanda Cloud is a complete data streaming platform delivered as a fully-managed service with automated upgrades and patching, data and partition balancing, and 24x7 support. It continuously monitors and maintains your clusters along with the underlying infrastructure to meet strict performance, availability, reliability, and security requirements. All Redpanda Cloud clusters are deployed with an integrated Redpanda Console. For more detailed information about the Redpanda platform, see Introduction to Redpanda and How Redpanda Works. Redpanda Cloud cluster types Redpanda offers four types of fully-managed cloud clusters. All products have access to unlimited storage and 280+ data connectors with Redpanda Connect. Serverless Dedicated Cloud Bring Your Own Cloud (BYOC) For starter projects and applications with low or variable traffic. For production clusters requiring expert cloud hosting, higher throughput, and extra isolation. For production clusters requiring data sovereignty, the highest throughput, and added security. Multi-tenant on AWS Single-tenant on AWS, Azure, or GCP In your cloud on AWS, Azure, or GCP 100 MiB/s max write throughput 400 MiB/s max write throughput 2 GB/s max write throughput 300 MiB/s max read throughput 800 MiB/s max read throughput 4 GB/s max read throughput 5000 partitions 22,800 partitions 112,500 partitions 99.9% SLA 99.99% SLA 99.99% SLA Public networking Public or private networking Public or private networking SSO (GitHub, Google), Kafka ACLs SSO (GitHub, Google, OIDC), RBAC, audit logs SSO (GitHub, Google, OIDC), RBAC, audit logs Enterprise support with annual contracts Enterprise support Enterprise support The partition limit is the number of logical partitions before replication occurs. Redpanda Cloud uses a replication factor of 3. Enterprise support is staffed by streaming experts around the clock Monday through Friday, plus immediate escalation for production outages 24/7. Serverless Serverless is the fastest and easiest way to start data streaming. With Serverless clusters, you host your data in Redpanda’s VPC, and Redpanda handles automatic scaling, provisioning, operations, and maintenance. This is a production-ready deployment option with a cluster available instantly, and with pay-as-you-go billing after the free trial, you only pay for what you consume. You can view detailed billing activity for each cluster and edit payment methods on the Billing page. Serverless is currently in a limited availability (LA) release with usage limits. Sign up for Serverless Free trial Redpanda Sales AWS Marketplace A free trial is the fastest way to get started with Serverless, and it comes with a welcome cluster. Each customer qualifies for a trial with $100 (USD) in free credits to spend in the first 14 days. This should be enough to run Redpanda with reasonable throughput. No credit card is required. To continue using Serverless after your trial expires, you can enter a credit card and pay as you go. Any remaining credit balance is used before you are charged. When either the credits expire or the days in the trial expire, the clusters move into a suspended state, and you won’t be able to access your data in either the Redpanda Cloud UI or with the Kafka API. There is a seven-day grace period following the end of the trial. After that, the data is permanently deleted. To ask questions about the trial, use the #serverless Community Slack channel. For information about billing after the trial ends, see Usage Metrics. To request a private offer with possible discounts for annual committed use, contact Redpanda Sales. When you subscribe to Serverless through Redpanda Sales, you gain immediate access to Enterprise support. Redpanda creates a cloud organization for you and sends you a welcome email. New subscriptions to Redpanda Cloud through AWS Marketplace receive $300 (USD) in free credits to spend in the first 30 days. AWS Marketplace charges for anything beyond $300, unless you cancel the subscription. After your free credits have been used, you can continue using your cluster without any commitment, only paying for what you consume and canceling anytime. When you subscribe to Redpanda through AWS Marketplace, you do not have immediate access to Enterprise support, only the Community Slack channel. For Enterprise support, contact Redpanda Sales Redpanda creates a cloud organization for you and sends you a welcome email. Dedicated Cloud With Dedicated clusters, you host your data on Redpanda cloud resources (AWS, GCP, or Azure), and Redpanda handles provisioning, operations, and maintenance. Dedicated clusters are single-tenant deployments that support private networking (for example, VPC peering to talk over private IPs) for better data isolation. When you create a Dedicated cluster, you select the supported tier that meets your compute and storage needs. Sign up for Dedicated Redpanda Sales AWS Marketplace To request a private offer with possible discounts for monthly or annual committed use, contact Redpanda Sales. With a usage-based billing commitment, you sign up for a minimum spend amount through AWS Marketplace, Azure Marketplace, or Google Cloud Marketplace. You can then provision Dedicated clusters in Redpanda Cloud, and you can view invoices and manage your subscription in the marketplace. Redpanda creates a cloud organization for you and sends you a welcome email. New subscriptions to Redpanda Cloud through AWS Marketplace receive $300 (USD) in free credits to spend in the first 30 days. AWS Marketplace charges for anything beyond $300, unless you cancel the subscription. After your free credits have been used, you can continue using your cluster without any commitment, only paying for what you consume and canceling anytime. Redpanda creates a cloud organization for you and sends you a welcome email. Bring Your Own Cloud (BYOC) With BYOC clusters, you deploy Redpanda in your own cloud (AWS, Azure, or GCP), and all data is contained in your own environment. This provides an additional layer of security and isolation. (See BYOC architecture.) When you create a BYOC cluster, you select the supported tier that meets your compute and storage needs. Redpanda handles provisioning, operations, and maintenance. With standard BYOC clusters, Redpanda manages security policies and resources for your VPC or VNet, including subnetworks, IAM roles, and storage buckets/accounts. A Bring Your Own Virtual Private Cloud (BYOVPC) cluster allows you to deploy the Redpanda data plane into your existing VPC/VNet and take full control of managing the networking lifecycle. Compared to standard BYOC, BYOVPC provides more security, but the configuration is more complex. See Shared responsibility model. The BYOC infrastructure that Redpanda manages should not be used to deploy any other workloads. Sign up for BYOC To start using BYOC, contact Redpanda sales to request a private offer with possible discounts. You are billed directly or through Google Cloud Marketplace or AWS Marketplace. Serverless vs Dedicated/BYOC Serverless clusters are a good fit for the following use cases: Starter and growing workloads Spiky workloads (that is, development environments, systems that only occasionally get busy, or workloads that come and go) Fast and dynamic cluster creation: you can use a Serverless cluster as an isolated container for topics With Serverless (and for Dedicated when procured through the AWS Marketplace), you only pay for what you consume, without any commitment. A cluster is created instantly, so you can surface it in your applications (for example, for tenant isolation). If your workload increases, you can migrate it to a Dedicated or BYOC cluster. Consider Dedicated or BYOC if you need more control over the deployment or if you have workloads with consistently-high throughput. Dedicated and BYOC clusters offer the following features: Private networking Single-zone or multi-zone availability. A multi-zone cluster provides higher resiliency in the event of a failure in one of the zones. Ability to export metrics to a 3rd-party monitoring system Kafka Connect Higher limits and quotas. See Dedicated usage tiers and BYOC usage tiers compared to Serverless limits. Shared responsibility model The Redpanda Cloud shared responsibility model lists the security ownership areas for Redpanda and customers. Responsibilities depend on the type of deployment. Dedicated BYOC BYOVPC Resource Redpanda responsibility Customer responsibility Redpanda upgrades and hotfixes ✓ Cost management and attribution ✓ Software vulnerability remediation ✓ Infrastructure vulnerability remediation ✓ IAM (roles, service accounts, access segmentation) ✓ Compute ✓ Redpanda agent VM maintenance ✓ VPC (subnets, routing, firewall) ✓ VPC peering ✓ VPC private links (service endpoint) ✓ VPC private links (consumer endpoint) ✓ Local storage ✓ Tiered Storage ✓ Control plane ✓ Access controls and audit ✓ Managed disaster recovery ✓ Observability and monitoring (SLOs, SLIs, tracing, alerting, runbooks) ✓ Availability SLA ✓ Proactive threat detection ✓ Static secret rotation ✓ Incident response ✓ Resilience verification ✓ Kafka Connect infrastructure ✓ Kafka Connect tasks state ✓ Resource Redpanda responsibility Customer responsibility Redpanda upgrades and hotfixes ✓ Cost management and attribution ✓ ✓ Software vulnerability remediation ✓ Infrastructure vulnerability remediation ✓ IAM (roles, service accounts, access segmentation) ✓ ✓ Compute ✓ Redpanda agent VM maintenance ✓ VPC (subnets, routing, firewall) ✓ ✓ VPC peering ✓ VPC private links (service endpoint) ✓ VPC private links (consumer endpoint) ✓ Local storage ✓ Tiered Storage ✓ Control plane ✓ Access controls and audit ✓ ✓ Managed disaster recovery ✓ Observability and monitoring (SLOs, SLIs, tracing, alerting, runbooks) ✓ Availability SLA ✓ (subject to required access to customer resources) Proactive threat detection ✓ ✓ Static secret rotation ✓ Incident response ✓ Resilience verification ✓ Kafka Connect infrastructure ✓ ✓ Kafka Connect tasks state ✓ Resource Redpanda responsibility Customer responsibility Redpanda upgrades and hotfixes ✓ Cost management and attribution ✓ ✓ Software vulnerability remediation ✓ Infrastructure vulnerability remediation ✓ ✓ IAM (roles, service accounts, access segmentation) ✓ Compute ✓ Redpanda agent VM maintenance ✓ VPC (subnets, routing, firewall) ✓ VPC peering ✓ VPC private links (service endpoint) ✓ VPC private links (consumer endpoint) ✓ Local storage ✓ Tiered Storage ✓ Control plane ✓ Access controls and audit ✓ ✓ Managed disaster recovery ✓ Observability and monitoring (SLOs, SLIs, tracing, alerting, runbooks) ✓ ✓ (for VPC components and cloud storage buckets/containers managed by customer) Availability SLA ✓ (subject to required access to customer resources) ✓ Proactive threat detection ✓ ✓ Static secret rotation ✓ ✓ Incident response ✓ Resilience verification ✓ Kafka Connect infrastructure ✓ ✓ Kafka Connect tasks state ✓ Redpanda Connect and Kafka Connect Redpanda Connect is integrated into Redpanda Cloud and available as a fully-managed service. Choose from a range of connectors, processors, and other components to quickly build and deploy streaming data pipelines or AI applications from the Cloud UI or using the Data Plane API. Comprehensive metrics, monitoring, and per pipeline scaling are also available. To start using Redpanda Connect, try this quickstart. Kafka Connect is automatically enabled on AWS and GCP clusters. With this, there is a node running for Kafka Connect even if connectors are not used. To enable Kafka Connect on Azure clusters, see Enable Kafka Connect. Redpanda Cloud architecture When you sign up for a Redpanda account, Redpanda creates an organization for you. Your organization contains all your Redpanda resources, including your clusters and networks. Within your organization, Redpanda creates a default resource group to contain your resources. You can rename this resource group, and you can create more resource groups. For example, you may want different resource groups for production and testing. For high availability, Redpanda Cloud uses the following control plane - data plane architecture: Control plane: This is where most cluster management, operations, and maintenance takes place. The control plane enforces rules in the data plane. You can use role-based access control (RBAC) in the control plane to manage access to organization-level resources like clusters, resource groups, and networks. Data plane: This is where your cluster lives. The term data plane is sometimes used interchangeably with cluster. The data plane is where you manage topics, consumer groups, connectors, and schemas. You can use RBAC in the data plane to configure cluster-level permissions for provisioned users at scale. Agent: For BYOC, Redpanda uses an agent to manage the data plane from the control plane. The agent pulls cluster specifications from the control plane. IAM permissions allow the agent to access the the cloud provider API to create and manage cluster resources. The permissions follow the principle of least privilege, limiting access to only what is necessary. Clusters are configured and maintained in the control plane, but they remain available even if the network connection to the control plane is lost. In the Redpanda Cloud UI, you see a different side navigation in the control plane and the data plane. You’re in the control plane when you first log in. You’re at the organization (org) level, and you haven’t yet selected a cluster. This is where you can select, create, and delete clusters, networks, and resource groups. You’re in the data plane when you’re at the cluster level working with topics, consumer groups, connectors, and schemas. BYOC architecture In a BYOC architecture, you deploy the data plane in your own VPC. All network connections into the data plane take place through either a public endpoint, or for private clusters, through Redpanda Cloud network connections such as VPC peering, AWS PrivateLink, Azure Private Link, or GCP Private Service Connect. Customer data never leaves the data plane. Redpanda Cloud does not support customer access to the Kubernetes control plane with kubectl. This restriction allows Redpanda Data to manage all configuration changes internally to ensure a 99.99% service level agreement (SLA) for BYOC clusters. A BYOC cluster is initially set up from the control plane. This is a two-step process performed by rpk cloud byoc apply: You bootstrap a virtual machine (VM) in your VPC. This VM spins up the agent and the required infrastructure. Redpanda assigns the necessary IAM policies required to run the agent and configures workload identity. That is, it configures independent IAM roles for each workload, with only the permissions each workload requires. The agent communicates with the control plane to pull the cluster specifications. After the agent is up and running, it connects to the control plane and starts dequeuing and applying cluster specifications that provision, configure, and maintain clusters. The agent is in constant communication with the control plane, receiving and applying cluster specifications and exchanging cluster metadata. Agents are authenticated and authorized through opaque and ephemeral tokens, and they have dedicated job queues in the control plane. Agents also manage VPC peering networks. To create a Redpanda cluster in your virtual private cloud (VPC), follow the instructions in the Redpanda Cloud UI. The UI contains the parameters necessary to successfully run rpk cloud byoc apply with your cloud provider. Redpanda Cloud vs Self-Managed feature compatibility Because Redpanda Cloud is a fully-managed service that provides maintenance, data and partition balancing, upgrades, and recovery, much of the cluster maintenance required for Self-Managed users is not necessary for Redpanda Cloud users. Also, Redpanda Cloud is opinionated about Kafka configurations. For example, automatic topic creation is disabled. Some systems expect the Kafka service to automatically create topics when a message is produced to a topic that doesn’t exist. (You can create topics in Redpanda Cloud on the Topics page or with rpk topic create.) New clusters in Redpanda Cloud generally include functionality added in Self-Managed versions immediately. Existing clusters include new functionality when they get upgraded to the latest version. Redpanda Cloud deployments do not support the following functionality available in Redpanda Self-Managed deployments: Integration with Apache Iceberg. For private beta access on BYOC, contact Redpanda Support. Data transforms. For private beta access, contact Redpanda Support. Remote Read Replicas. This is in beta for Redpanda Cloud. Kafka API OIDC authentication. However, Redpanda Cloud does support SSO to the Redpanda Cloud UI. Admin API. FIPS-compliance mode. Kerberos authentication. Redpanda debug bundles. Redpanda Console topic documentation. Configuring access to object storage with customer-managed encryption key. Kubernetes Helm chart and Redpanda Operator functionality. The following rpk commands: rpk cluster config rpk cluster health rpk cluster license rpk cluster maintenance rpk cluster partitions rpk cluster self-test rpk cluster storage rpk connect rpk container rpk debug rpk iotune rpk redpanda rpk topic describe-storage (All other rpk topic commands are supported on both Redpanda Cloud and Self Managed.) rpk transform (This is in beta for Redpanda Cloud.) rpk generate app (This is supported in Serverless clusters only.) The rpk cloud commands are not supported in Self-Managed deployments. Features in limited availability Features in limited availability are production-ready and are covered by Redpanda Support for early adopters. The following features are currently in limited availability in Redpanda Cloud: Redpanda Connect for Dedicated and BYOC (not BYOVPC) Serverless Dedicated and BYOC for Azure BYOVPC for GCP Azure Private Link Features in beta Features in beta are available for testing and feedback. They are not covered by Redpanda Support and should not be used in production environments. The following features are currently in beta in Redpanda Cloud: Redpanda Connect for Serverless Redpanda Terraform provider BYOVPC for AWS and Azure Remote Read Replicas for AWS and GCP Next steps Learn about upgrades and maintenance Create a Serverless Cluster Create a Dedicated Cloud Cluster Create a BYOC Cluster Suggested reading Bring Your Own Cloud (BYOC): best of both worlds A middle path for data sovereignty: Bring Your Own Cloud Suggested videos YouTube - What is Redpanda BYOC? (3 mins) Back to top × Simple online edits For simple changes, such as fixing a typo, you can edit the content directly on GitHub. Edit on GitHub Or, open an issue to let us know about something that you want us to change. Open an issue Contribution guide For extensive content updates, or if you prefer to work locally, read our contribution guide . Was this helpful? thumb_up thumb_down group Ask in the community mail Share your feedback group_add Make a contribution What’s New in Redpanda Cloud Introduction to Redpanda