The Platform

Everything a data team needs.
Nothing you don't own.

OpenLake assembles proven open-source engines into a coherent, governed platform - storage, compute, catalogs, workstations, and a single web application that ties it all together. Delivered as Infrastructure as Code into your cloud account.

Architecture

A modern lakehouse, end to end

Storage & Tables

Object storage with lifecycle management, Apache Iceberg table format, and a Nessie catalog with git-like versioning. Encrypted at rest with keys you control.

Compute

Trino for fast interactive SQL, ephemeral Spark clusters for heavy ETL, and lightweight Polars and Python runners for everything in between. Scales up for the job, down to zero after.

Databases & Search

Managed PostgreSQL and MySQL with automated backups and encryption, plus Neo4j graph and Elasticsearch when the workload calls for them.

Interfaces

The OpenLake web app, Apache Superset dashboards, BI tool connectivity (Tableau, Power BI), and full cloud workstations for power users.

Security & Identity

Single sign-on end to end, granular IAM with least privilege, secrets management, network isolation, and audit logging across every layer.

Everything as Code

Every stack - network, storage, compute, apps - is a versioned template. A new environment, region, or account is a parameter change, not a rebuild.

Inside the app

The platform tour

What your analysts, engineers, and admins actually see when they log in.

SQL Query Workbench - with AI on tap

A full SQL editor against the lake, powered by Trino. Queries run as the signed-in user, so table-level permissions follow the person - not a shared service account.

  • Natural-language to SQL, grounded in the catalogs the user can actually read
  • Schema-aware autocomplete and query history
  • Export results or hand off to dashboards

Ingest Monitor - ETL without the scheduler sprawl

Every pipeline is a registered job with an engine, a schedule, and a home. Run it on the app server for small work, or on an ephemeral Spark cluster that provisions itself, runs the job, and deletes its own stack.

  • Engines: Spark, Polars, Python, Bash
  • Cron scheduling with one-click manual runs
  • Logs stream to centralized monitoring automatically

Cloud workstations, on demand

Analysts launch their own preconfigured desktops - sized to the work, encrypted, and reachable over a secure tunnel with no public exposure. Data tooling, notebooks, and lake access are ready on first login.

  • Self-service creation from the web app
  • Remote desktop in the browser or a native client
  • Nightly snapshots of user home volumes

Self-service infrastructure

Launch and manage web apps, Trino and Spark clusters, Neo4j, and Elasticsearch from the UI. Every action drives the same audited IaC templates your platform was built with - point-and-click, without configuration drift.

  • Business-hours scheduling to cut idle compute cost
  • One-click stop/start of entire environments
  • Health dashboard across every service

AI where it earns its keep

OpenLake ships practical AI, running under your account's controls: an AI-enriched data dictionary that documents your tables in plain language, a data-ops agent that triages platform incidents and proposes fixes, and natural-language querying for non-SQL users.

  • Automated data cataloging with natural-language search
  • Incident triage that turns alerts into diagnoses and pull requests
  • Optional self-hosted LLM services - no data leaves your boundary

Cost transparency, per query

Trino has no "credits" - so OpenLake attributes real, measured cost to every query: CPU-time plus data scanned, priced at your actual blended infrastructure rate. Finance gets attribution; engineering gets accountability; nobody gets a surprise invoice.

  • Per-user and per-query cost breakdowns
  • Admin-tunable rates that re-price history consistently
  • Idle resources stop on schedule, storage tiers automatically

Governance that auditors like

Your identity provider is the single source of truth. Group membership drives what every user can see and do - in the app, in the query engine, and on the data itself. Every privileged action lands in an audit log.

  • SSO end to end - no local passwords, MFA enforced
  • Role-based access mapped to real organizational groups
  • Secrets in a managed vault, never in code or config
  • Full audit trail of administrative actions

Want the deep-dive?

We'll walk your team through the architecture on a live deployment.

Request a demo