Environment Isolation
Proper environment isolation and access control are essential in enterprise application development and deployment. Zilliz Cloud offers flexible isolation through a hierarchical structure of Organizations, Projects, and Clusters. This guide helps you select the most appropriate strategy based on your operational, security, and financial requirements.
Organization-level isolation
Organization-level isolation is the most secure option.
Best suited for:
-
Separate billing accounts (e.g., multiple different AWS subscription accounts)
-
Independent invoice and cost management
-
Strict user access boundaries across environments
How to implement:
-
Create a distinct organization for each environment (e.g., production, development, testing)
-
Each organization can be linked to a unique payment method
-
By default, only one single organization is supported by Zilliz Cloud. If you need multiple organization, please submit a request in the Support Portal.
Project-level isolation
This option is recommended for most enterprise-grade production deployments where billing separation is not a requirement.
Best suited for:
-
Shared billing across environments under a single payment method
-
Tracking resource usage by environment
-
Managing user roles with moderate isolation
Benefits:
-
Fine-grained user access control at the project level
-
Consolidated billing with per-environment usage tracking
-
Sufficient isolation for most enterprise use cases
Cluster-level isolation
This is the most agile and lightweight option.
Best suited for:
-
Small teams focused on rapid iteration
-
Minimal access control needs
-
Basic workload separation
Features:
-
Multiple clusters under the same project
-
Each cluster has dedicated compute/storage resources for workload isolation
-
Centralized monitoring for easier operation and management
Choosing the right isolation strategy
Use the following flow to guide your decision:
-
Do you need separate billing or invoices? → Yes: Use Organization-level isolation
-
Do you need role-based access control per environment? → Yes: Use Project-level isolation
-
Neither of the above? → Use Cluster-level isolation for simplicity
For tailored recommendations, please contact the Zilliz Cloud Support Team.