<p>AWS Certificate Manager (ACM) now automates certificate provisioning and distribution for Kubernetes workloads through AWS Controllers for Kubernetes (ACK). Previously, ACM automated certificate management for AWS-integrated services like Application Load Balancers and CloudFront. However, using ACM certificates with applications terminating TLS in Kubernetes required manual steps: exporting certificates and private keys via API, creating Kubernetes Secrets, and updating them at renewal. This integration extends ACM's automation to any Kubernetes workload for both public and private certificates, enabling you to manage certificates using native Kubernetes APIs.<br> <br> With ACK, you define certificates as Kubernetes resources, and the ACK controller automates the complete certificate lifecycle: requesting certificates from ACM, exporting them after validation, updating Kubernetes Secrets with the certificate and private key, and automatically updating those Secrets at renewal. This enables you to use ACM exportable public certificates (launched in June 2025) for internet-facing workloads or AWS Private CA private certificates for internal services in Amazon EKS or other Kubernetes environments. Use cases include terminating TLS in application pods (NGINX, custom applications), securing service mesh communication (Istio, Linkerd), and managing certificates for third-party ingress controllers (NGINX Ingress, Traefik). You can also distribute certificates to hybrid and edge Kubernetes environments.<br> <br> This feature is available in all commercial, AWS GovCloud (US), and AWS China regions where ACM is available.<br> To learn more, visit the <a href="https://github.com/aws-controllers-k8s/acm-controller">Git hub link</a> or read our <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-exportable-certificates.html">documentation</a> and our <a href="https://aws.amazon.com/certificate-manager/pricing/">pricing page</a>.&nbsp;</p>

With Cedar coming to the CNCF sandbox, the authorization engine and policy language project seeks contributors to help create new language bindings.

Today, we’re excited to announce the Amazon Elastic Kubernetes Service (Amazon EKS) zero operator access posture. Because security is our top priority at Amazon Web Services (AWS), we designed an oper...

Today, we’re excited to announce the Amazon Elastic Kubernetes Service (Amazon EKS) zero operator access posture. Because security is our top priority at Amazon Web Services (AWS), we designed an oper...

The Cloud Native Computing Foundation’s flagship conference gathers adopters and technologists from leading open source and cloud native communities.