Sold by: Tigera Inc.
Deployed on AWS
Calico Cloud is a fully managed pay-as-you-go SaaS based networking, network security, and observability platform for AWS and EKS Kubernetes clusters.
Overview
Tigera provides Calico, a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. The Calico platform is engineered to secure all types of network traffic including egress, ingress, in-cluster and cross-cluster. Calico offers centralized network security management across multiple Kubernetes distributions, for individual and multi-cluster deployments in the cloud or on premises. It facilitates seamless and consistent network policy enforcement, while empowering teams with observability and risk mitigation capabilities.
Tigera is the creator and maintainer of Calico Open Source, the most widely adopted container networking and security solution. Calico software powers more than 100M containers across 8M+ nodes in 166 countries, and is supported across all major cloud providers and Kubernetes platforms.
Highlights
- Network security: Improve network security posture with fine-grained network policies. Limit egress traffic by IPs, domains and IP CIDRs. Automatically identify namespace boundaries and recommend policies for namespace isolation.
- Egress Gateway: Calico Egress Gateway assigns a static IP address to egress traffic from Kubernetes pod, to facilitate integration with firewalls, and other tools that require a static IP address for identification.
- Ingress Gateway: Provides a standardized approach to managing Kubernetes ingress traffic using the Gateway API. Integrates Envoy Gateway, hardened for enterprise use, to provide comprehensive security and observability for ingress traffic.
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
5 vCPU Subscription | 5 vCPUs billed monthly | $90.00 |
Pro Subscription | Billed at $0.025/vCPU hour | $18.00 |
10 vCPU Subscription | 10 vCPUs billed monthly | $180.00 |
Dimension | Cost/unit |
|---|---|
vCPU Hour | $0.025 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
24x7 for Calico Cloud Pro. The complete support policy is here: https://www.tigera.io/legal/calico-cloud-support-policy . calicocloud-support@tigera.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Trend Micro
By Sophos
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Policy Management
Fine-grained network policy enforcement across Kubernetes clusters with support for egress, ingress, in-cluster, and cross-cluster traffic control
Traffic Segmentation
Automatic identification and isolation of namespace boundaries with granular traffic limitation by IP addresses, domains, and IP CIDRs
Egress Traffic Control
Static IP address assignment for egress traffic from Kubernetes pods to enable integration with external firewalls and security tools
Gateway Management
Standardized ingress traffic management using Gateway API with integrated Envoy Gateway for enterprise-grade security
Multi-Cluster Security
Centralized network security management across multiple Kubernetes distributions in cloud and on-premises environments
Threat Detection
Advanced intrusion detection and prevention system with behavioral analysis and predictive machine learning capabilities
Container Security
Native security controls for Docker containers with automated protection and application control mechanisms
Workload Protection
Host-based security solution supporting both Windows and Linux environments with comprehensive vulnerability shielding
Integrity Monitoring
File and system integrity monitoring with real-time detection of unauthorized changes and configuration drifts
Multi-Environment Support
Security platform compatible with physical, virtual, and cloud infrastructure with flexible deployment options
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, and detect potential malicious activities with integration to AWS GuardDuty and SecurityHub
Endpoint Protection
Advanced agent-based protection against malware, fileless threats, and ransomware for Windows and Linux hosts in cloud environments
Threat Detection and Response
24/7 managed detection and response service leveraging telemetry from multiple security solutions including endpoint, firewall, network, email, and identity platforms
Cloud Workload Protection
Security agents designed to protect cloud-based Windows and Linux hosts against modern cyber threats including ransomware
Network Security
Cloud edge firewall solution providing network visibility, protection, and response across public, private, and hybrid cloud environments using cloud native, virtual, and physical appliances
Standard contract
No
No
No
Customer reviews
0 ratings
0 AWS reviews
|
37 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Erick Vincent Steve G.
A powerful Cloud Native Security Solution
Reviewed on Jul 20, 2025
Review provided by G2
What do you like best about the product?
What I like best about Calico Cloud is its deep integration with Kubernetes and its strong support for eBPF, which enables high-performance networking and observability. The user interface is intuitive, and the policies are easy to configure using either YAML or the GUI. It also supports zero-trust security models out of the box, which is essential in modern cloud-native environments.
What do you dislike about the product?
One downside of Calico Cloud is that the initial setup.
What problems is the product solving and how is that benefiting you?
Calico Cloud helps us improve container security and stay compliant with cloud regulations. It lets us create network policies to control traffic between pods, monitor activity, and detect threats in real time. This makes it easier to secure our workloads and meet compliance standards like PCI and SOC 2.
Architecture & Planning
Robust Kubernetes Security with Room for Improvement
Reviewed on Jul 18, 2025
Review provided by G2
What do you like best about the product?
Calico Cloud excels in providing enterprise-grade security features for Kubernetes environments. The platform offers exceptional network policy management and real-time visibility into container traffic. I particularly appreciate the intuitive policy builder that helps create and implement zero-trust security models. The live troubleshooting tools are invaluable for diagnosing connectivity issues, and the integration with existing cloud platforms is seamless. The dynamic threat detection and automated security controls have significantly improved our cluster security posture.
What do you dislike about the product?
The initial setup and configuration process can be challenging for teams without extensive Kubernetes expertise. The documentation, while comprehensive, could be more user-friendly with better examples and use cases. Some advanced features require considerable fine-tuning to work optimally, which can be time-consuming.
What problems is the product solving and how is that benefiting you?
The pricing structure could be more transparent, and the cost can be significant for larger deployments. Additionally, the UI occasionally feels sluggish when handling multiple clusters, and some error messages could be more descriptive to help with troubleshooting.
VIJAY H.
Evaluating Calico Cloud: Secure, Scalable, and Kubernetes-Ready
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
Calico Cloud enforces identity-aware microsegmentation and least-privilege access by default. It doesn’t just rely on IPs—workload identity (like Kubernetes labels and service accounts) is used to define policies. This helps achieve zero-trust security across clusters and clouds.
What do you dislike about the product?
Despite having a clean UI, the underlying concepts (like eBPF, policy tiers, workload identities) can be challenging for teams new to Kubernetes networking and security. Proper onboarding/training is often needed.
What problems is the product solving and how is that benefiting you?
Lack of Fine-Grained Network Security in Kubernetes
> Solution: Calico Cloud allows me to define fine-grained, identity-based network policies that go beyond IP addresses — using labels, namespaces, and service accounts to tightly control traffic between workloads.
> Solution: Calico Cloud allows me to define fine-grained, identity-based network policies that go beyond IP addresses — using labels, namespaces, and service accounts to tightly control traffic between workloads.
Yashavant N.
Review for calico cloud
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
I like how Calico Cloud provides strong zero-trust security and deep observability for Kubernetes workloads.
What do you dislike about the product?
I dislike that some advanced features are only available in the paid version, limiting open-source flexibility.
What problems is the product solving and how is that benefiting you?
Securing Kubernetes workloads in production.
Paras D.
Reliable cloud platform with solid support
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
What I like best about Calico Cloud is its strong focus on security and observability. The way it integrates with Kubernetes for network policies and zero-trust security feels seamless. Plus, the real-time visibility into workloads and traffic flows is super helpful for debugging and compliance.
What do you dislike about the product?
The UI can feel a bit overwhelming at first, especially for new users. There’s definitely a learning curve if you’re not already familiar with Kubernetes networking concepts. Also, some advanced features could use more detailed documentation or tutorials.
What problems is the product solving and how is that benefiting you?
Calico Cloud helps us secure and manage Kubernetes workloads with fine-grained network policies and zero-trust security. It simplifies enforcing security at scale, especially across multiple clusters. The built-in observability tools also give us better insights into traffic patterns and potential vulnerabilities, which helps us troubleshoot faster and stay compliant.