The Ambassador Edge Stack provides a comprehensive solution for your Kubernetes edge needs.

  • Authentication
  • Single Sign-On with OAuth/OIDC
  • Session Management
  • JWT Validation
  • Multi-Domain Authentication
  • Access Control
  • Rate Limiting
  • Global Rate Limiting
  • Per-User Rate Limiting
  • System Security
  • TLS Termination
  • Automatic HTTPS
  • Server Name Indication
Edge Policy Management
  • Self-Service
  • Manage policies using CRDs or the Edge Policy Console UI
  • Adopt a GitOps-style workflow
  • Declarative Policy Paradigm
  • Switch seamlessly between the UI or CRDs for configuration
  • Full round trip support
Developer Onboarding
  • Developer Portal
  • Real-Time Catalog
  • Swagger/OpenAPI Support
  • Developer Documentation
  • Fully Customizable
Modern Traffic Management


Securing a microservice shouldn’t be hard. The AES includes automatic TLS setup via ACME integration, OAuth/OpenID Connect integration, rate limiting, and fine-grained access control.


Secure access to your services and integrate with popular identity providers. Declare access control policies and control who has access to specific services.

Rate Limiting

Ensure your services remain available, even when under heavy load.

System Security

Provide a crucial layer of privacy and security protection for end users with HTTPS.


Microservices may crash, but your application shouldn’t. The AES includes support for automatic retries, timeouts, circuit breakers, and rate limiting to maximize application availability.

Load Balancing

Load balancing allows you to maximize scalability and availability of your application by efficiently distributing network traffic among backend services. Ambasador supports the following load balancing techniques

Circuit Breaking

Circuit breakers limit the blast radius of an overloaded service by preventing additional connections or requests to an overloaded service.

Edge Policy Management

The Edge Policy Console works seamlessly with the Kubernetes API to give platform engineers and developers the ability to easily configure, manage, and visualize edge policies with the ease-of-use and visibility of a graphical interface.


Empower app dev teams to independently configure and manage edge policy.

Developer Onboarding

Your developer community, both internal and external, needs to understand your APIs. The AES includes an API catalog, Swagger/OpenAPI documentation support, and a fully customizable developer portal.

Developer Portal

The Developer Portal gives your developers a central self-service hub for your APIs. With the Developer Portal, developers are able to onboard and start using your APIs right away.


Understanding what’s going on is key to troubleshooting and improving your application. The Ambassador Edge Stack natively supports distributing tracing, metrics collection, and logging.

Distributed Tracing

Distributed Tracing is a powerful tool to debug and analyze your system in addition to request logging and metrics. Ambassador integrates with external trace visualization services and Zipkin-compatible APIs, like Jaeger.

Monitoring Integrations

The Ambassador Edge Stack exposes statistics via the ubiquitous and well-tested StatsD protocol. Ambassador makes it easy to direct this information to a statistics and monitoring tool of your choice.

Modern Traffic Management

Microservices today communicate using a wide variety of protocols. The AES supports a broad range of protocols and provides traffic management controls for testing and resource availability.

Protocol Support

The Ambassador Edge Stack supports a broad range of protocols

Traffic Management Controls

Manipulate production traffic for testing features before release with Ambassador Edge Stack’s traffic management controls.