-
Product editions -
Cloud services editions
Fully managed in the public cloud of your choice
-
Red Hat OpenShift Service on AWS
Jointly managed and supported by Red Hat and AWS
-
Microsoft Azure Red Hat OpenShift
Jointly managed and supported by Red Hat and Microsoft
-
Red Hat OpenShift Dedicated
Managed offering available on AWS or Google Cloud
-
Red Hat OpenShift on IBM Cloud
Jointly supported by Red Hat and IBM; managed by IBM
-
Self-managed editions
Granular control on your own infrastructure
-
Red Hat OpenShift Platform Plus
A complete platform for accelerating application development and application modernizations
-
Red Hat OpenShift Container Platform
A full set of operations and developer services and tools
-
Red Hat OpenShift Kubernetes Engine
Basic functionality of enterprise Kubernetes
-
Red Hat OpenShift Virtualization Engine
A streamlined solution focused exclusively on virtual machine workloads
-
Services & add-ons
A portfolio of managed cloud services and tools for Red Hat OpenShift
- Red Hat OpenShift AI
- Red Hat OpenShift Lightspeed
- Red Hat OpenShift Virtualization
- Red Hat Quay
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Developer Suite
- Red Hat OpenShift Consulting
Red Hat OpenShift 4.20 is here. Read the blog post
-
-
Documentation Cloud services editions
-
Explore Why Red Hat OpenShift?
-
Learn Guided offerings
Hands-on training and experiences to develop knowledge and skills for using OpenShift
- Red Hat OpenShift Virtualization training and certification
- Containers, Kubernetes and Red Hat OpenShift Technical Overview
- Red Hat OpenShift Administration I: Operating a Production Cluster
- Red Hat OpenShift Administration II: Operating a Production Kubernetes Cluster with exam
- Developing Applications with Red Hat OpenShift Serverless and Knative
- Modern Application Development Roadshow
Learning hubs
Learning materials and tools organized by top tasks for key OpenShift services
On-demand
-
Interactive labs
Scenario-based, preconfigured OpenShift environments in your web browser
-
OpenShift learning paths
Resources for beginners or experts, dev or ops
-
Red Hat OpenShift Library
Materials divided into chapters for self-managed and managed OpenShift customers
-
Ask an OpenShift Admin
Livestream episodes on OpenShift topics and cloud-native tooling
-
Get started Try Red Hat OpenShift
-
Red Hat OpenShift Service on AWS hands-on experience
Get access to a free 8 hour hands-on experience of ROSA in a Red Hat owned demo environment
-
Red Hat OpenShift Container Platform
Self-managed on OpenShift Container Platform, in the cloud, on your computer, or in your datacenter
-
Red Hat OpenShift Dedicated
Fully managed OpenShift Dedicated trial cluster with self-service sign-up and cluster provisioning in your Google Cloud account
-
Developer sandbox
Instant access to your own minimal, preconfigured environment for development and testing
Buy Red Hat OpenShift
-
Red Hat OpenShift Service on AWS
A pay-as-you-go, fully managed turnkey application platform which allows organizations to quickly build, deploy, and scale applications in a native AWS environment
-
Azure Red Hat OpenShift
A pay-as-you-go, turnkey application platform that provides highly available, fully managed OpenShift clusters on demand
-
Red Hat OpenShift Service on AWS hands-on experience
Zero trust workload identity manager
What is zero trust workload identity manager?
Zero trust workload identity manager is an OpenShift operator that uses a SPIFFE/SPIRE framework to simplify the management of workload identity across multiple clouds, inconsistent identity schemas, and risky, long-lived credentials. Zero trust workload identity manager provides a single, universal identity framework for all your workloads whether they're in containers or virtual machines, on any cloud, datacenter, or edge location. Automatically issue short-lived, verifiable identities so your services can securely connect without juggling API keys—enhancing your organization’s zero trust posture.
What are SPIFFE and SPIRE?
SPIFFE and SPIRE define a way to enforce zero trust in hybrid cloud environments through identity management in varied computing environments.
Why use zero trust workload identity manager
Juggling different identity schemas and federation setups for each cloud provider is complex, error-prone, and hard to scale. Even static, long-lived credentials like API keys pose significant security risks. Many teams are already overburdened with simply maintaining the platform, and deploying critical security infrastructure like SPIRE is complex and time-consuming.
Zero trust workload identity manager is included with Red Hat Advanced Cluster Management, Red Hat Advanced Cluster Security, and Red Hat OpenShift Platform Plus. It lets you start federating identity and stop juggling credentials, go beyond basic authentication, and deploy workload identity as a Day 2 operation. It abstracts away complex configurations, allowing you to seamlessly issue and rotate verifiable, short-lived identities for every workload in your environment.
With powerful node and workload attestation, zero trust workload identity manager issues identities only after the underlying infrastructure integrity is verified. With a unified identity plane, you can enable secure cross-cloud communication, simplify access to secret stores like HashiCorp Vault, and integrate with tools like Istio and Sigstore to build a true end-to-end zero trust architecture.
Features and benefits
Keep learning about zero trust security
Article
What is zero trust?
Zero trust is an approach to designing security architectures based on the premise that every interaction begins in an untrusted state.
Blog post
Zero trust and sovereignty for cloud-native and AI workloads
A modern, integrated approach applies the principles of zero trust across the entire application lifecycle, and helps ensure compliance with data residency, privacy, and legal boundaries.
Article
What is confidential computing?
Confidential computing addresses a crucial gap in data security by creating isolated workload environments to secure data while it’s in use, helping organizations improve their zero trust posture.
