Managed Services¶
Game Warden provides three types of managed services to simplify your deployment and reduce operational overhead:
Game Warden supports key AWS services including:
- Backup
- ElastiCache
- Elastic File System (EFS)
- Elastic Kubernetes Service (EKS)
- Relational Database Service (RDS)
- Simple Email Service (SES)
- Simple Storage Service (S3)
These include commonly used tools such as:
- HashiCorp Vault
- Istio
Game Warden–Managed Services: Game Warden may pull container images from Iron Bank – a DoD-approved container image repository – and run them within your Kubernetes environment.
As a customer, you are not responsible for supplying container images or remediating Common Vulnerabilities and Exposures (CVEs) for managed services. Game Warden handles this responsibility through internal policies, manual updates, and automated CI/CD pipelines.
Amazon Web Services (AWS)¶
Game Warden is hosted on AWS GovCloud (US-East). The tabs below outline the AWS services most commonly supported by Game Warden, along with their availability across DoD Impact Levels (IL), FedRAMP, and Commercial deployments.
| Service Name | IL2 | IL4 | IL5 |
|---|---|---|---|
| EBS (Elastic Block Store) | Yes | Yes | Yes |
| EC2 (Elastic Cloud Compute) | Yes | Yes | Yes |
| EFS (Elastic File Storage) | Yes | Yes | Yes |
| EKS (Elastic Kubernetes Service) | Yes | Yes | Yes |
| IAM (Identity and Access Management) | Yes | Yes | Yes |
| KMS (Key Management Service) | Yes | Yes | Yes |
| RDS (Relational Database Service) | Yes | Yes | Yes |
| SQS (Simple Queue Service) | Yes | Yes | Yes |
| S3 (Simple Storage Service) | Yes | Yes | Yes |
| VPC (Virtual Private Cloud) | Yes | Yes | Yes |
| SES (Simple Email Service) | Yes | Yes | Yes |
| Transit Gateway | Yes | Yes | Yes |
| Backup | Yes | Yes | Yes |
| ElastiCache | Yes | Yes | Yes |
Warning
For Top Secret deployments, only EKS, RDS and S3 services are currently available.
| Service Name | FedRAMP | Commercial |
|---|---|---|
| EBS (Elastic Block Store) | Yes | Yes |
| EC2 (Elastic Cloud Compute) | Yes | Yes |
| EFS (Elastic File Storage) | Yes | Yes |
| EKS (Elastic Kubernetes Service) | Yes | Yes |
| IAM (Identity and Access Management) | Yes | Yes |
| KMS (Key Management Service) | Yes | Yes |
| RDS (Relational Database Service) | Yes | Yes |
| SQS (Simple Queue Service) | Yes | Yes |
| S3 (Simple Storage Service) | Yes | Yes |
| VPC (Virtual Private Cloud) | Yes | Yes |
| SES (Simple Email Service) | Yes | Yes |
| Transit Gateway | Yes | Yes |
| Backup | Yes | Yes |
| ElastiCache | Yes | Yes |
Applications should run inside your Kubernetes cluster as containerized workloads. Game Warden can support certain in-cluster services—such as service mesh or secrets management—while AWS-managed services such as RDS or S3 are hosted externally and accessed over the network.
Note
To ensure compatibility with our Kubernetes-based platform, we recommend containerizing the required functionality as part of your application deployment.
If you're exploring serverless architecture, Knative offers a Kubernetes-native alternative that supports event-driven workloads and may serve as a suitable substitute. Our platform supports running Knative within your Kubernetes cluster as part of a containerized solution.
Google Cloud Platform (GCP)¶
The tabs below depict popular GCP services, their associated support status on Game Warden, and their availability at each Impact Level (IL):
Game Warden currently supports the following services for customers:
| Service Name | IL2 | IL4 | IL5 |
|---|---|---|---|
| Cloud Identity | Yes | Yes | Yes |
| Google Kubernetes Engine (GKE) | Yes | Yes | Yes |
| Google Cloud Storage (GCS) | Yes | Yes | Yes |
| Virtual Private Cloud (VPC) | Yes | Yes | Yes |
Game Warden can support the following services. Contact the Customer Operations team to confirm availability.
| Service Name | IL2 | IL4 | IL5 |
|---|---|---|---|
| Cloud HSM (Hardware Security Module) | Yes | Yes | Yes |
| Cloud Logging | Yes | Yes | Yes |
| Cloud Logging | Yes | Yes | Yes |
| Cloud Monitoring | Yes | Yes | No |
| Cloud Pub/Sub | Yes | Yes | No |
| Cloud SQL | Yes | Yes | No |
Game Warden plans to support the following services soon. If interested, contact the Customer Operations team so we can prioritize accordingly.
| Service Name | IL2 | IL4 | IL5 |
|---|---|---|---|
| BigQuery | Yes | Yes | Yes |
| Cloud Key Management Service | No | No | No |
Game Warden does not currently support the following services. Contact the Customer Operations team for more information.
| Service Name | IL2 | IL4 | IL5 |
|---|---|---|---|
| Dataflow | No | No | No |
| Persistent Disk | No | No | No |
Warning
GCP does not currently support IL6 or Top Secret deployments.
Big Bang¶
Big Bang is the underlying architecture that powers the Game Warden platform. Built on a Department of Defense (DoD)-approved framework, it provides a standardized set of services that run within the Kubernetes cluster provisioned via AWS—where your application is deployed.
Big Bang–managed services can be configured to run inside your Kubernetes cluster and may include tools such as HashiCorp Vault for secrets management and Istio for service mesh functionality. These services are deployed and maintained by the Game Warden team in accordance with security and operational requirements.
Iron Bank¶
Iron Bank is a Department of Defense (DoD)-approved container image repository that hosts hardened, continuously monitored images for use in secure environments. Game Warden can source container images from Iron Bank to support managed services within your Kubernetes cluster.
For example, if your application requires a caching service such as Redis (Remote Dictionary Server), Game Warden can deploy a Redis container image from Iron Bank—provided it meets our Acceptance Baseline Criteria. Only approved images are pulled and deployed to ensure compliance with DoD security standards.
Support and deployment¶
Game Warden provisions managed services upon request to ensure alignment with your application’s needs and deployment context. These services are not automatically included and should be identified early in your engagement with the Game Warden team.
If you require managed services, we recommend communicating this need as early as possible—ideally in your Authorization Boundary Diagram, during onboarding, or in pre-sales discussions. The Game Warden team should be aware of your request prior to application deployment. If a managed service need arises later, you can still submit a request via Slack or by contacting your designated Customer Operations point of contact.
For services such as Backup, ElastiCache, EFS, EKS, RDS, SES, and S3, the Game Warden team uses infrastructure as code (IaC) to provision and configure the necessary components, and connect them to your Kubernetes cluster. These services operate outside of the cluster but are tightly integrated. For example, we can create an S3 bucket and configure the necessary permissions for your cluster to access it. Deployments of services such as RDS, S3, and EFS are seamless to customers and can be supported at all DoD Impact Levels (ILs).
Requests for other managed services are subject to review. The team will evaluate the specific service, verify its alignment with security and compliance requirements, and determine whether it is authorized at the requested IL. Additional government approvals may be necessary, particularly for IL4 and higher, and Game Warden leadership may be involved in the approval process.