OPAQUE 2.5.0¶

October 30, 2025

Thanks for using OPAQUE! This release adds new deployment and integration options, enhanced observability, and sensitive data handling agents—making it even easier to build, manage, and scale secure AI workflows.

New features and enhancements¶

• Workload-attested data plane: OPAQUE's data plane can now be deployed using a locked-down K3s-based image, enabling cloud provider flexibility, standard Kubernetes tooling, and attested workloads. This supports confidential compute use cases with a more portable and scalable architecture. Additional enhancements ahead of GA include monitoring integration, horizontal scaling, and support for custom images.
• Deploy workflows via Azure Marketplace: Customers can now deploy workflows directly within their own Azure environments, providing greater flexibility for organizations with strict data residency or compliance requirements while still benefiting from Marketplace’s streamlined deployment and management.
• Automated log streaming to Azure Blob Storage: OPAQUE now supports automatically streaming logs from its Kubernetes platform to customer-defined destinations via Azure Blob Storage. This enhancement improves observability by enabling a scalable, standardized logging solution and complements the unified OTLP endpoint introduced in 2.3.
• Redact and Unredact agents: Two new workflow agents are now available for handling sensitive data. The Redact agent automatically detects and removes personal or confidential information (such as identifiers, credentials, or network data) using advanced regex-based detection patterns. The Unredact agent securely restores redacted content when authorized, enabling reversible data workflows within Confidential AI environments.

Known issues¶