Home » Machine Identity Security » Securing Public-Facing Workloads in AWS with OpenShift & cert-manager

× Share this Video

Facebook
Twitter
Email
LinkedIn

Securing Public-Facing Workloads in AWS with OpenShift & cert-manager

April 1, 2025

Share this Video
Facebook
Twitter
Email
LinkedIn

What are the minimum steps required to secure a public-facing workload in AWS with OpenShift, NGINX Ingress, and cert-manager?

Watch this technical demo to learn how to enforce secure TLS communication between any internet browser and a single AWS-hosted, containerized workload running in an OpenShift cluster.

What you’ll learn:

A step-by-step tutorial of installing and creating a NGINX Ingress
How to use NGINX Ingress and cert-manager to ensure compatibility between https-based web traffic and http-based workload traffic
How CyberArk Certificate Manager for Kubernetes (formerly known as TLS Protect for Kubernetes) provides effective machine identity management within OpenShift Kubernetes clusters.

Previous Video

How Discover Financial is Securing the Future with PKI and Certificate Management

Jay Armstrong shares insights into PKI at Discover Financial, covering compliance, scaling machine identity...

Next Video

Customer Success: How Elevance Health Manages their Large, Dynamic Infrastructure

Sherman Becraft, Technology Owner at Elevance Health, researches the best vendors to trust. Watch his story...

Recommended for You

Container security at scale: Strengthening software supply chains

Modern applications have undergone a paradigm shift, with containers becoming the default choice for deployment. While their flexibility and scalability are well-recognized, their adoption has...

Read Blog

47-Day Certificate Readiness: Public TLS Discovery Scan Solution Brief

47-day TLS certificate lifecycles will go into effect in 2029. Manual CLM is no longer feasible. CyberArk offers a free scan to help you prepare.

Code Sign Manager Solution Brief

Automate code signing workflows and ensure your keys never leave secure, encrypted storage with CyberArk Code Sign Manager.

The Identity Security Imperative: IT users chapter excerpt

This excerpt from The Identity Security Imperative explores how to secure IT users with intelligent controls—without slowing innovation.

19:19

The Next Frontier in Identity Security: Machines, Secrets and AI

Machine identity sprawl is rising. Hear expert insights from ESG and CISO tips to improve visibility, control, and security.

Watch Video

TLS Lifecycles are Shrinking: 5 Questions CISOs Must Ask

5 must-ask questions for CISOs as their organization's prepare for 47-day TLS certificate lifespans and the future of certificate management and automation.

Identity security at inception: A CISO’s guide to proactive protection

Modern enterprises are facing an identity explosion. Fueled by cloud adoption, DevOps acceleration, and now agentic AI, the number of human and machine identities is growing faster than most...

Read Blog

2025 Best Practices Award: Global Machine Identity Security Technology Innovation Leadership

Frost & Sullivan applies a rigorous analytical process to evaluate multiple nominees for each Award category before determining the final Award recipient.

44:10

The Countdown to 47 Days: Are You Ready for the Biggest Change in TLS Certificate Lifecycle Management?

The CA/Browser Forum has approved sweeping changes to the TLS certificate lifecycle, reducing the maximum validity for public certificates to just 47 days, down from today’s 398.

Watch Video

How 47-Day TLS Certificates Are Reshaping Digital Trust

Discover how 47-day TLS certificates are reshaping certificate management. Security expert Ryan Hurst explains how to adapt, automate, and secure digital trust.

55:25

Machine Identity Security: Enabling Crypto-Agility for Your PQC-Journey

In this session, attendees will review the progression of quantum computing along with industry recommendations to help agencies prepare for and transition to post quantum cryptography.

Watch Video

Machine identity mayhem: The volume, variety, velocity challenge

Machine identities—like the API keys, certificates, and access tokens that secure machine-to-machine connections—are swarming businesses. Yet, many teams still reach for manual tools while their...

Read Blog

Now on AWS Marketplace: CyberArk Enterprise Support for cert-manager

Running Kubernetes on Amazon EKS? You’re likely already using cert-manager—the open source standard for TLS and mTLS certificate automation in Kubernetes clusters. Today, we’re excited to announce...

Read Blog

Organizations Largely Unprepared to Manage 47-Day TLS Certificates

This research report reveals how IT and security leaders are thinking about shortening TLS certificate lifespans and 47-day certificate management.

Key Considerations for Securing Different Machine Identities

Key Considerations for Securing Different Machine Identities Machine identities now outnumber humans—and the security risks are growing.

Is your AI safe? Threat analysis of MCP (Model Context Protocol)

Unless you lived under a rock for the past several months or started a digital detox, you have probably encountered the MCP initials (Model Context Protocol). But what is MCP? Is this just a...

Read Blog

48:10

Multi-Cloud, One Mission: Locking Down Your Secrets

As organizations embrace multi-cloud to boost innovation and agility, they face growing security and compliance risks.

Watch Video

TLS action lead time is closing: 5 practical steps to prepare for 47-day TLS certificates

Have you ever been on a tight deadline, and suddenly, your organization’s core services go dark because a TLS certificate expired without warning? It’s a nightmare scenario no team wants to face....

Read Blog

34:47

Managing Secrets at Scale with CyberArk Secrets Hub and AWS Secrets Manager

Join our joint webinar with Amazon and CyberArk security experts to learn how to manage secrets at scale while balancing the needs of your security and development teams.

Watch Video

Precision in Machine Identity: Securing the NHIs That Matter

Imagine walking into your next board meeting and saying, “We need to secure all the non-humans.” You can probably picture the reactions: furrowed brows, confused glances—not exactly a solid...

Read Blog

Return to Home

Up Your Security I.Q. by Checking Out Our Collection of Curated Resources.

Securing Public-Facing Workloads in AWS with OpenShift & cert-manager

Previous Video

Next Video

STAY IN TOUCH