FAQ

Does Grand Central offer DDoS protection?

Yes. Grand Central offers DDoS Protection as a platform add-on. The service uses Azure DDoS Protection to provide advanced mitigation against volumetric, protocol, and application-layer attacks with sub-second response times.For full details and how to enable it, see Add-ons.

Does my code run in a shared environment?

No. Each customer gets a dedicated installation, not a shared multi-tenant cluster. The isolation model includes:

Separate GitHub repositories per customer: Each customer has their own applications-live and self-service repositories
Separate AKS clusters per installation: Each installation has its own cluster, or at a minimum its own namespaces and runtimes
Separate SOPS keys per customer environment, linked to that customer’s Azure Key Vault
Separate APIM configuration per installation
Separate Microsoft Entra ID roles scoped to each installation’s environments

Grand Central is single-tenant by design. Each customer has isolated infrastructure, isolated repositories, and isolated secrets. Different customers’ connectors never run side-by-side in a shared runtime.

Overview

Capabilities

Developer guides

Security and reliability

Platform administration

Reference