Astro Private Cloud 2.0 is now generally available. If your organization runs at enterprise scale and has to keep workflow orchestration inside its own environment, whether for data sovereignty, regulatory compliance, security policy, or pure infrastructure control, this release was built for you.

Astro Private Cloud delivers enterprise-grade Airflow, entirely within your own environment. The platform is organized around three pillars enterprise teams care about most: Security, Reliability, and Scalability. All three are stronger with this release. Audit Logging now captures every action across the control plane. Disaster Recovery brings cross-cluster failover to your data planes. And Config Governance gives platform admins a hierarchical model for managing the entire fleet.

The new bar for self-hosted Airflow at enterprise scale

Running Airflow inside your own infrastructure already comes with a known trade-off. You get the data residency, the security posture, and the network control. You also inherit every operational concern that comes with running a mission-critical platform yourself.

Disaster recovery becomes a long-term engineering project. Every configuration change routes through a single team. Audit trails get cobbled together from cluster logs and ad-hoc reports. The team supporting 50+ Airflow deployments today has to grow proportionally to support a 100+ tomorrow. And if your enterprise budget is still going to legacy schedulers like Autosys, Informatica, Control-M, or UC4, "modernization" turns into a multi-year program rather than a release cycle.

Astro Private Cloud is built specifically to break that pattern. Five of the top five global banks already run their orchestration on it, alongside leading enterprises in healthcare, manufacturing, and many more. The full feature picture lives in the Astro Private Cloud overview and the features list. The new capabilities below are where this release moves the bar.

Reliability: your pipelines keep running, even when the region does not

Data Plane Disaster Recovery lets platform admins fail over every Airflow deployment in a Data Plane to a destination cluster in another region with one API call or one click in the UI. Two failover modes ship in this release, designed for the two scenarios teams actually face.

Controlled failover drains the source first, then provisions the destination. Zero data loss. Use it for planned migrations, infrastructure upgrades, and DR drills.

Forced failover runs concurrent migration with database fencing. Availability-first. Use it in true disaster events.

A single control plane manages many data planes and their replicas. Data planes fail over independently, so you do not have to move every workload at once. The Astro Private Cloud API tells your end users which deployment is currently active, so traffic is routed to the right place automatically. Every action during an incident is recorded in Audit Logging for full auditability, and failback to the primary follows the same workflow.

The capability supports 1-hour RTO and 15-minute RPO targets, meeting cross-region DR requirements for DORA, SOX, HIPAA, and other regulated frameworks.

Scalability: govern hundreds of deployments without becoming a help desk

Config Governance introduces a four-tier hierarchical configuration system that maps directly to the Astro Private Cloud data model: Platform, Data Plane, Workspace, and Deployment. Defaults flow down. Overrides win on conflict. Platform admins choose what is locked at the top and what is delegated to the teams below.

For platform admins, this is the difference between running a ticket queue and delivering a service. Per-deployment Vector logging, PgBouncer resource settings, Kubernetes network policy labels, and PVC settings become self-service for the teams that need them, without breaking central enforcement.

For your engineers, this is the autonomy they have been asking for. Configure your own deployment. Ship faster. Stay inside the guardrails. Strict schema validation catches unknown or misspelled keys before they reach a running cluster, so config changes stop being a debugging session.

Security: a structured audit trail your team can actually use

Control Plane Audit Logging captures structured events across more than sixty operations in eight categories: Deployments, Workspaces, Users and Teams, Service Accounts, Authentication, Role Bindings, Clusters, and more. Every GraphQL mutation is audited by default, with no allow or deny list to maintain. Each record includes the actor, the action, the timestamp, the affected resource, and the outcome.

Records are immutable. Sensitive data is handled with care: passwords are redacted, API keys are hashed (enough to correlate, not enough to use), and auth tokens never reach the pipeline.

Events export to AWS CloudWatch via IRSA, GCP Cloud Logging via Workload Identity, or Elasticsearch. Multiple sinks can run at once, and the configuration lives in values.yaml. The whole capability turns on with a single Helm toggle. SOC 2, HIPAA, PCI-DSS, and DORA audits all need this kind of structured source of truth, and now it is available right out of the box.

Replace legacy schedulers without leaving your perimeter

The case for moving off Autosys, Informatica, Control-M, or UC4 has been clear for years: Python-native pipelines, modern observability, 1.5K+ modules through the Airflow ecosystem, and a developer experience that matches the data stack your teams actually want to build on. What has stayed difficult is the migration itself.

Legacy job definitions live in proprietary formats. Production workflows are deeply embedded. And any new platform that requires data to leave your security perimeter is a non-starter for the security team that signed off on the original scheduler.

Astro Private Cloud removes the security redesign from the equation. It runs entirely inside your existing perimeter, brings the governance and auditability your security team already expects, and gives you a modern Airflow platform without an egress conversation. One financial services customer migrated off Control-M onto Astro Private Cloud and saw 20% faster pipeline execution as a result.

The path is straightforward: replace the legacy scheduler with a Python-native platform inside your perimeter, consolidate the Airflow sprawl that has accumulated around it under one control plane, and standardize the entire enterprise on a single governed orchestration platform.

Operational improvements you'll feel on day one

Beyond the three flagship capabilities, this release ships a long list of operational, security, and migration improvements:

• A direct upgrade path from older versions. Customers on Astronomer Software 0.37 can upgrade directly without an intermediate hop, and 1.x customers move with a single migration step. Both paths are detailed in the upgrade docs.
• Strict schema validation on values.yaml. Misspelled or unknown keys are caught at install time, not at runtime, eliminating a whole class of failed upgrades.
• Cluster-level metric collection as opt-in. Node Exporter and cAdvisor restore resource utilization dashboards for cluster-scoped deployments.
• Git-sync relay operational metrics give platform admins real visibility into Dag delivery health: sync operations, repository size, and per-deployment sync performance.
• Configurable Prometheus scrape interval and timeout for federated data planes with high deployment counts.
• Containerd 2.0 and GKE 1.33+ support, plus all platform images mirrored to Azure Container Registry alongside Quay and Docker Hub.
• 30+ CVE remediations and a long list of bug fixes. The full list lives in the release notes.

Get started

Astro Private Cloud 2.0 is generally available. Existing customers can follow the upgrade guide. Not on Astro Private Cloud yet? Contact our sales team today or browse the Astro Private Cloud documentation to learn more.