Modern infrastructure is evolving rapidly, and with it, the way organizations manage privileged access, secrets, and automation. As Kubernetes adoption accelerates and DevOps practices mature, security teams are under increasing pressure to provide seamless access without compromising control.
With the latest PrivX release, we continue to evolve our solution to better support cloud-native environments, secure Kubernetes operations, and automate infrastructure workflows.
The last release introduced API-Proxy, a foundational capability that brings role-based access control (RBAC) to Kubernetes environments through a secure, identity-driven approach.
With API-Proxy, PrivX acts as a secure intermediary between users and Kubernetes clusters. When a user executes commands through native tools like kubectl, PrivX intercepts and brokers the API communication, ensuring authentication, authorization, and session monitoring are enforced before any request reaches the Kubernetes API server.
This model eliminates the need for direct cluster access, reducing risk while maintaining a seamless developer experience. The latest release builds on this foundation with enhanced functionality, including:
New authentication methods for API targets, including basic authentication, client certificates, and ephemeral certificates
Support for retrieving client credentials in kubeconfig format
Improved searchability of recorded API sessions for better visibility and auditing
Additional security controls, such as automatic termination of API sessions when users are no longer actively logged in
Together, these enhancements strengthen control over Kubernetes access while improving usability and auditability.
In addition to securing access, this release introduces integration with the Kubernetes External Secrets Operator (K8S ESO), enabling a more secure and scalable approach to secrets management.
This integration allows applications running in Kubernetes clusters to securely retrieve secrets from the PrivX Vault. Instead of embedding sensitive credentials—such as API keys or database passwords—directly into manifests or container images, applications can reference externally managed secrets.
The External Secrets Operator synchronizes secrets from PrivX into native Kubernetes Secret objects, automatically creating or updating them as needed. This ensures that applications always have access to the latest credentials without exposing sensitive data. Key benefits include:
Centralized secret management across environments
Elimination of hard-coded credentials in code repositories
Improved compliance and auditability
Support for automated secret rotation policies
By decoupling secret storage from application deployment, organizations can significantly reduce expenses and shrink their attack surface while simplifying operations.
Alongside this release, PrivX has also introduced a new Terraform Provider integration, enabling organizations to manage privileged access configurations using Infrastructure as Code (IaC). With Terraform, administrators can define and manage:
Roles
Access groups
Targets
Permissions and policies
This approach allows teams to automate configuration, enforce consistency, and version-control access policies as part of their existing DevOps workflows. The result is:
Reduced manual configuration effort
Fewer configuration errors
Faster provisioning of secure access
Improved auditability and governance
By integrating PrivX into IaC pipelines, organizations can align security with modern development practices.
To further support operational efficiency, PrivX now includes Ansible playbooks for installation and upgrades. These playbooks help enterprise teams standardize and automate the deployment lifecycle of PrivX components. The playbooks automate key tasks such as:
Preparing host environments
Installing PrivX components
Configuring dependencies
Upgrading existing deployments
Restarting and validating services
Verifying successful installation
Automating these processes reduces human error, accelerates deployments, and ensures consistent environments across infrastructure.
Our latest enhancements demonstrate a continued shift toward identity-driven access, automation, and cloud-native security. By combining secure Kubernetes access, centralized secret management, Infrastructure as Code, and automated deployment, PrivX enables organizations to move faster without sacrificing control.
As access, infrastructure, and security continue to converge, PrivX provides a unified platform designed to support what comes next.