Certificate Manager for Kubernetes
Machine identity management for TLS, mTLS and SPIFFE in cloud native and Kubernetes environments
Simplify your Kubernetes machine identity management
CyberArk Certificate Manager for Kubernetes (formerly known as Venafi TLS Protect for Kubernetes) helps you to easily and reliably manage your machine identity security infrastructure in complex multi-cloud and multi-cluster cloud native environments.
It provides your organization with discovery, observability, control and consistency of cloud native machine identities, improving application reliability while reducing DevOps costs.
Monitor health and status of cloud native security infrastructure
Automate the discovery and security of all cloud native machine identities, including those not issued by cert-manager.
Define standardized policies and cert-manager configurations
Enforce consistent policies across all cloud native machine identities and rest easy knowing cert-manager is configured correctly across all clusters.
Scale depending on your cloud native needs
Whether you’re working across multi, hybrid and private clouds or anywhere in between, you can do so securely with long-term commercial support for cert-manager—including FIPS 140-2-compliant and signed, scanned builds.
Reliable, scalable, flexible machine identity management for your Kubernetes workloads
Certificate Manager for Kubernetes provides complete automation, discovery and control of machine identities across all your organization’s Kubernetes environments.
It not only helps you manage cloud native machine identities, but also monitors the health, status and configuration of cert-manager across all Kubernetes clusters, regardless of cloud platform configuration used.
Monitor health and status of security infrastructure.
- Discover SPIFFE, SVID, mTLS and TLS certificates, including those not issued by cert-manager.
- Observe the health of cert-manager across all Kubernetes clusters.
- Maintain visibility over the automation process, detect misconfigurations and prevent outages or misuse.
Define standardized policies and cert-manager configurations.
- Support pod-to-pod and service mesh configurations.
- Share policy and configurations across clusters and cloud providers for all TLS, mTLS and SPIFFE SVID certificates.
- Rest easy knowing that cert-manager is configured correctly across all clusters.
Maintain high performance with scalability and enterprise-hardened security.
- Scale depending on your needs across multi, hybrid and private clouds.
- Gain access to long-term commercial support for cert-manager and its components.
- Know you’re secure with FIPS 140-2 compliant builds of cert-manager, as well as signed, scanned builds.
Work with Certificate Manager for Kubernetes in the way that works best for you.
- Work with any number of cloud platforms, including multi-public, hybrid and public clouds across your enterprise.
- Use with a variety of Cloud and DevOps tools including secrets managers, CI/CD tools and CAs.
- Integrate with other CyberArk solutions, including CyberArk Workload Identity Manager, using the cloud native Kubernetes cert-manager API, or tap into our partner Ecosystem.
“[We got] best practice blueprints to maintain cloud security and compliance as we scale, as well as the ability to seamlessly extend our visibility across both classic on-premise and modern cloud infrastructure. That’s the closest thing to a silver bullet I’ve seen in my 25 years as a security professional.”
VP of Security
Global Bank
