Issuing certificates to EKS clusters using ACM Private CA | Amazon Web Services

The Private CA Kubernetes cert-manager plugin is an open source plugin for cert-manager that offers a secure certificate authority solution for Kubernetes containers. ACM Private CA is AWS’s managed and highly available private CA service, and cert-manager is a widely-adopted solution for TLS certificate management in Kubernetes. Customers who use cert-manager for certificate lifecycle management can use this plugin with ACM Private CA to improve security over the default cert-manager CA, which stores keys in plaintext in server memory.

Kubernetes containers and applications use digital certificates to provide secure authentication and encryption over TLS. With this plugin, cert-manager requests TLS certificates from ACM Private CA, a highly available and auditable managed CA that secures CA keys using FIPS-validated Hardware Security Modules (HSMs). Together cert-manager and the plugin for ACM Private CA provide certificate automation for TLS in a range of configurations, including at the ingress, on the pod, and mutual TLS between pods. You can use the ACM Private CA Kubernetes cert-manager plugin with Amazon Elastic Kubernetes Service, self managed Kubernetes on AWS, and Kubernetes on-premises.

Learn more:

Subscribe: .
More AWS videos –
More AWS events videos –

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. Millions of customers — including the fastest-growing startups, largest enterprises, and leading government agencies — are using AWS to lower costs, become more agile, and innovate faster.

#ACM, #PCA #EKS #CertificateManager #Cryptography #AWS #AmazonWebServices #CloudComputing

Duration: 00:09:41
Publisher: Amazon Web Services
You can watch this video also at the source.