Google Cloud is quietly but radically changing its approach to Kubernetes: the new GKE E2E Automation promises to reduce the time to bring features to production by 40–60 percent. Meanwhile, AWS and Microsoft are strengthening their platform teams, betting on platform engineering instead of classic DevOps.

Google Cloud has introduced a new set of capabilities for automating the entire lifecycle of GKE clusters, reinforcing the trend towards platform engineering and self-service infrastructure. AWS and Azure are responding by expanding their environment management and supply chain security tools. For companies already dependent on Kubernetes and microservices, these are not cosmetic updates but a change in the working model of development and operations teams. It is now that enterprises in Kazakhstan and Central Asia need to review their DevOps strategies to avoid being held hostage by outdated practices in 1–2 years.

New GKE E2E Automation: What is Changing in Kubernetes Today

Google Cloud has announced an extension of Google Kubernetes Engine capabilities under the working name GKE E2E Automation, focused on end-to-end lifecycle automation of clusters. According to the company, pilot clients in the US and Europe have already reduced the deployment time of new environments from 2–3 days to 2–3 hours due to standardized platform templates and a GitOps approach to infrastructure management. The key focus is on the platform taking over not only the creation of the cluster but also the configuration of network policies, observability stack, secrets, security policies, and basic services.

At the core of the innovation is the idea of 'environment as product': internal development teams are offered a catalog of standardized environments (dev, test, staging, prod) that are created automatically on request through a self-service portal or API. To do this, Google Cloud has integrated GKE with Cloud Deploy, Config Connector, and Policy Controller, allowing all configuration to be stored in Git repositories and changes to be applied transactionally. This model drastically reduces the dependency on manual work by individual DevOps engineers and shifts the infrastructure into a platform product mode.

Importantly, Google is betting on default security policies. GKE E2E Automation offers pre-configured profiles that include minimum necessary privileges, encrypted secret storage in Secret Manager, end-to-end audit logging, and network segmentation through Kubernetes Network Policy. This directly addresses the market's demand following a series of high-profile incidents involving access leaks and compromise of CI/CD chains.

For businesses, this means that the adoption of Kubernetes is no longer an individual engineering project for each company. Instead, the platform sets an opinionated standard: what namespaces should look like, which policies are mandatory, which logging and monitoring tools are connected on the first day. Companies like Alashed IT (it.alashed.kz), working on cloud modernization and Kubernetes cluster management for clients in the region, receive a ready-made base for designing typical platform solutions and can focus on business specifics rather than manual infrastructure assembly.

AWS and Azure: Betting on Platform Engineering Instead of Classic DevOps

In parallel with Google Cloud's strengthening, AWS and Microsoft are accelerating the move towards platform engineering. In 2025, Gartner analysts predicted that by 2026, 80 percent of engineering teams in large organizations would be using internal development platforms (IDP) as the primary method for delivering infrastructure and services. The current announcements from major cloud providers confirm that this figure looks increasingly realistic. AWS is expanding the functionality of AWS Proton and AWS CodeCatalyst, while Microsoft is adding tighter integration with Azure Kubernetes Service and Policy as Code to Azure DevOps and GitHub Advanced Security.

AWS is betting on a product-like approach to the platform: Proton allows for the description of standard service and environment templates, and Platform Engineers manage them as a product catalog. Development teams receive self-service: choosing the type of application, environment, databases, and network settings in just a few minutes. AWS claims that companies using this approach reduce the time to bring new services to market by an average of 35 percent and reduce infrastructure maintenance costs by 20–25 percent due to fewer manual changes.

Microsoft, for its part, is actively promoting the combination of GitHub + Azure. GitHub Actions and GitHub Copilot are integrated into the DevOps pipeline, with Copilot used not only for writing code but also for generating YAML configurations, Kubernetes manifests, and security policies. Azure has more 'one-click' deployment scenarios for platform components: Prometheus, Grafana, OpenTelemetry, Argo CD, and other tools necessary for a modern platform over AKS.

This shift from classic DevOps to platform engineering changes the requirements for teams. Instead of numerous disparate DevOps engineers, centralized platform teams of 5–15 people are formed, creating and developing the internal platform as a product. For outsourcing players, including Alashed IT (it.alashed.kz), this opens up a new segment of services: designing and supporting internal platforms for multiple clients at once, with replicable architectural patterns and common security practices.

Kubernetes and Supply Chain Security: New Standards of 2026

After a series of attacks on software supply chains and the compromise of popular libraries, major cloud players are reorienting the development of DevOps tools around supply chain security. Kubernetes has become the focus: it has become the standard for microservices, and therefore also a point of risk concentration. In response, Google Cloud continues to promote SLSA (Supply-chain Levels for Software Artifacts) and expands Artifact Registry integrations with build attestations, allowing for the verification of container image provenance before deployment in GKE.

AWS, in turn, is strengthening image verification mechanisms in Amazon ECR and implementing mandatory vulnerability scanning using Amazon Inspector. According to the company, by the end of 2025, more than 50 percent of AWS's large clients have enabled automatic blocking of deployments of images with critical vulnerabilities. For Kubernetes clusters, this means that the policy 'if the image has not passed verification, it will not go to production' becomes a new standard, not an optional practice.

Microsoft is betting on end-to-end code observability and protection: GitHub Advanced Security, CodeQL, and built-in secret scanners already analyze repositories by default, and integration with Azure Policy allows for prohibiting the deployment of resources that do not meet security requirements. This directly affects DevOps pipelines: any change in infrastructure or application goes through a set of automatic checks that cannot be ignored.

For companies working with Kubernetes, these changes mean that 'fast deployment at any cost' is a thing of the past. Mandatory standards come into play: signed artifacts, attestations, 'no critical CVEs' policy, and checking infrastructure code for compliance with corporate policies. Companies like Alashed IT (it.alashed.kz), which build CI/CD and Kubernetes platforms for clients, are already forced to include supply chain security as a mandatory component in the architecture, not as an additional option, if the business wants to meet compliance and insurance company requirements.

Platform Engineering and GitOps: How the Role of DevOps Engineers is Changing

The current announcements from cloud providers reinforce the trend: the classic role of a DevOps engineer as a 'universal automation fighter' is gradually transforming into two separate roles. On the one hand, there are platform engineers responsible for creating and developing the internal platform. On the other hand, development teams take on more responsibility for configuring their own services through GitOps and self-service mechanisms.

The GitOps approach, which was considered a trendy concept a few years ago, is now being cemented in products: Argo CD, Flux, Google Cloud Deploy, Azure Deployment Environments, and other tools are becoming a standard part of the platform. Organizations that have implemented GitOps, according to various market reviews, reduce the number of incidents related to manual changes in production by an average of 30–50 percent. Infrastructure and configuration code is stored in Git, and clusters are automatically brought to the target state specified in the repository.

For DevOps specialists, this means a shift in focus: instead of writing individual scripts for each project, they design standard pipelines, service templates, and policies used by dozens of product teams. Within large companies, 'platform roadmaps' are formed with releases of internal features: new types of environments, integrations with security systems, and improvements in observability.

In Kazakhstan and Central Asia, where many companies are just transitioning from monolithic systems to microservices and Kubernetes, the emergence of such a standard provides an opportunity to 'skip' the intermediate stage. Integrators like Alashed IT (it.alashed.kz), implementing cloud migration and CI/CD projects, already offer clients GitOps as a basic approach, not an experiment. This helps avoid typical early DevOps mistakes when infrastructure was managed manually or through inconsistent scripts from different teams.

What This Means for AWS, Azure, and Google Cloud Business Strategies

The combination of recent updates in AWS, Azure, and Google Cloud shows a synchronized shift of clouds towards the 'platform as a product' model. It is no longer enough to just have a Kubernetes cluster and a couple of CI/CD pipelines. Businesses are offered a complete platform story: from self-service environments for developers to automated supply chain security and centralized observability. Those who manage to build a strategy around these platforms will be able to accelerate feature releases while maintaining an acceptable level of operational risks.

For companies operating in a multi-cloud environment, the situation becomes more complex: each platform promotes its own set of tools and best practices. At the same time, standardizing elements are emerging: Kubernetes as a common orchestrator, GitOps as a unified approach to configuration management, open observability standards (OpenTelemetry), and supply chain security. This gives integrators and internal platform teams reference points for building a unified architecture over different clouds.

Companies like Alashed IT (it.alashed.kz), which maintain customer infrastructure landscapes in AWS, Azure, and Google Cloud, are already adapting their service catalogs to the new reality. Instead of point 'DevOps projects' lasting 2–3 months, long-term programs for developing internal platforms with a duration of 12–24 months are being formed, with measurable metrics: reducing Time-to-Market, decreasing MTTR, reducing the number of incidents related to human error by 30–50 percent.

For IT and business leaders, the key question in the coming months is whether to remain in the 'DevOps as a set of practices and tools' paradigm or move towards a platform model with clear product roles, SLAs, and a development roadmap. Cloud providers have already made their choice in favor of the second option, and new announcements regarding Kubernetes, GKE, AKS, and EKS automation are only accelerating this shift.

Что это значит для Казахстана

For Kazakhstan and Central Asia, the developments in global clouds and DevOps are not an abstract trend. According to the Ministry of Digital Development of Kazakhstan, the volume of the domestic ICT market exceeded 1 trillion tenge in 2024, and the share of cloud services is growing at double-digit rates annually. More companies are moving critical systems to public clouds using AWS, Azure, and Google Cloud through overseas regions and local partner channels. At the same time, the demand for Kubernetes and microservices architecture is increasing: banks, fintech, e-commerce, and logistics are actively rewriting applications to reduce time-to-market and launch new products faster.

In this situation, the transition of global clouds to platform engineering and GitOps sets new expectations for local IT teams and contractors. Businesses are no longer satisfied with separate CI/CD scripts and manual cluster configurations. They need reproducible platforms that can handle a 3–5 times increase in load, support dozens of microservices teams, and meet regulatory security requirements. Integrators like Alashed IT (it.alashed.kz) find themselves at the center of these changes: they bring the best practices of building platforms over AWS, Azure, and Google Cloud to the region, taking into account local specifics — National Bank requirements, personal data processing features, latency limitations.

For companies that are just planning to migrate to the cloud, the window of opportunity is limited to two to three years. By 2027–2028, the platform as a product and supply chain security will become the de facto standard, and projects built on outdated DevOps approaches will require costly modernization. Therefore, it is now that the digital transformation strategy should include not only the choice of cloud provider but also the model of the internal platform, the role of the platform team, and partnerships with integrators who have practical experience in Kubernetes, GitOps, and multi-cloud.

According to Gartner, by 2026, up to 80 percent of engineering teams will be using internal development platforms as the primary method for delivering infrastructure and services.

Google Cloud's new initiatives around GKE, as well as parallel steps by AWS and Azure, reinforce the transition from classic DevOps to a platform model. Kubernetes, GitOps, and supply chain security are becoming a mandatory set, not an advanced option for a few. For businesses, this is a chance to radically accelerate development while reducing operational risks if they build an internal platform and roles around it in time. Those who continue to live in the logic of point DevOps scripts and manual cluster configuration will have to catch up with the market in the coming years at the cost of complex and expensive process restructuring.

Часто задаваемые вопросы

What is platform engineering in the context of AWS, Azure, and Google Cloud clouds?

Platform engineering is an approach where, instead of disparate DevOps practices, a company builds an internal platform as a product for developers. In AWS, this is implemented through services like AWS Proton and CodeCatalyst, in Azure — through the combination of Azure DevOps and GitHub, in Google Cloud — through GKE, Cloud Deploy, and new E2E automation tools. A platform team of 5–15 people takes responsibility for standardized environments, security, and observability. Developers receive a self-service portal and ready-made templates, reducing feature release times by 30–50 percent.

How does classic DevOps differ from modern platform engineering?

Classic DevOps assumes that individual DevOps engineers help development teams automate builds and deployments, often through unique scripts and pipelines. Platform engineering builds a centralized platform: a single catalog of environments, standard pipelines, GitOps approach, and built-in security. Instead of dozens of disparate solutions, a unified internal platform with clear SLAs and a development roadmap emerges. This approach, according to the market, reduces the number of incidents related to human error by 30–50 percent and simplifies scaling to dozens of teams.

What are the risks of ignoring supply chain security in Kubernetes and DevOps?

Ignoring supply chain security leads to the risk of compromising container images, libraries, and CI/CD pipelines, which can result in the complete shutdown of critical services and data leaks. With modern supply chain attacks, an attacker can introduce malicious code at the build stage, which then automatically gets into all environments. Without mandatory image scanning, artifact signing, and 'no critical CVEs' policies, a company remains vulnerable even with a secure perimeter infrastructure. Implementing supply chain security according to best practices increases costs by 10–20 percent but reduces the likelihood of major incidents by several times.

How long does it take to implement a modern platform based on Kubernetes and GitOps?

A typical project to build an internal platform on Kubernetes with GitOps and basic supply chain security takes 6 to 12 months. The first minimum viable product (MVP) can be launched in 8–12 weeks for 1–2 development teams if using cloud-ready solutions and integrator experience. The platform then evolves: new types of environments, SIEM integration, extended observability, and a catalog of services are added. Companies investing in such a project typically expect a return on investment within 18–24 months due to accelerated releases and reduced downtime.

How to save on the transition to platform engineering and cloud DevOps platform?

Savings come from a phased approach and using managed cloud services instead of developing everything from scratch. For example, using GKE, AKS, or EKS in combination with managed observability and GitOps tools reduces the cost of self-support by 20–30 percent compared to a fully custom platform. It is important to immediately limit the number of supported environment templates and service types to avoid increasing complexity. Engaging integrators with experience in typical platform projects, such as Alashed IT (it.alashed.kz), allows for avoiding costly architectural errors and reducing the implementation period by several months.

Читайте также

Источники

Фото: Bernd 📷 Dittrich / Unsplash