Crossplane transforms Kubernetes from a container orchestrator into a universal control plane for cloud infrastructure. Instead of managing infrastructure through separate tools like Terraform or Pulumi with their own state files and workflows, Crossplane uses Kubernetes' native reconciliation loop to continuously ensure that declared infrastructure matches reality. Platform engineers define Compositions that combine multiple cloud resources into higher-level abstractions and publish them as custom Kubernetes APIs. Application teams then request infrastructure through standard kubectl commands or GitOps workflows without needing cloud provider credentials or IaC expertise.
The provider ecosystem covers over 200 cloud services across major platforms. AWS, Azure, and GCP providers expose thousands of managed resources as Kubernetes custom resources, from databases and storage buckets to networking configurations and IAM policies. Crossplane's composition engine supports patching, transforms, and conditional logic, enabling platform teams to encode organizational policies directly into infrastructure abstractions. For example, a DatabaseClaim API might automatically provision an RDS instance with encryption enabled, backup configured, and monitoring attached — all defined once and reused across teams.
As a CNCF Graduated project alongside Kubernetes, Prometheus, and Envoy, Crossplane carries the highest level of open-source maturity certification. The project reached graduation in October 2025, reflecting production adoption across over 450 organizations and contributions from more than 3,000 developers. Crossplane integrates naturally with GitOps tools like Argo CD and Flux, policy engines like OPA and Kyverno, and secret management solutions. Its control-plane architecture means infrastructure state lives in etcd rather than external state files, providing the same consistency guarantees and RBAC controls that teams already use for workloads.