Zero trust workload identity manager generally available on Red Hat OpenShift

2026-01-23 ~1 min read www.redhat.com #kubernetes

⚡ TL;DR

We’re excited to announce the general availability of zero trust workload identity manager, a Red Hat solution that delivers universal, runtime-attested identities for workloads in your cloud-native deployments. Modern applications run across multiple clusters, clouds, and regions, and traditional identity mechanisms—long-lived secrets, static certificates, or provider-specific Identity and Access Management (IAM)—struggle to keep up.

About the authors: Anjali Telang, Trilok Geer

📝 Summary

We’re excited to announce the general availability of zero trust workload identity manager, a Red Hat solution that delivers universal, runtime-attested identities for workloads in your cloud-native deployments. Modern applications run across multiple clusters, clouds, and regions, and traditional identity mechanisms—long-lived secrets, static certificates, or provider-specific Identity and Access Management (IAM)—struggle to keep up.

Zero trust workload identity manager solves this by issuing ephemeral, cryptographically attested identities to workloads at runtime. This enables your applications to prove what they are, not just where they run. This universal workload identity model is foundational to building zero trust architectures:

- No workload is trusted by default.
- Every identity is issued only after successful attestation of the workload.
- Identities are automatically rotated and stored in a security-focused manner.
- Applications communicate securely across organizational, cluster, and cloud boundaries.

Zero trust workload identity manager is based on the upstream SPIRE project, the reference implementation of the SPIFFE standard for workload identity. SPIRE provides the control plane for attestation, identity issuance, rotation, and security-focused storage - enabling workloads to receive short-lived, verifiable identities that integrate into your existing infrastructure. SPIFFE/SPIRE supports multiple workload form factors, including both virtual machines (VMs) and containers, and zero trust workload identity manager can provide consistent identity management across heterogeneous environments.

By building on SPIRE, Red Hat extends trusted, open source technology with enterprise-ready capabilities such as multicluster federation, bring-your-own database support, and flexible configuration options.