---
title: CDM security
description: This topic describes several options for securing a CDM deployment of the Ping Identity Platform:
component: forgeops
version: 7.4
page_id: forgeops::how-to/security/overview
canonical_url: https://docs.pingidentity.com/forgeops/7.4/how-to/security/overview.html
---

# CDM security

This topic describes several options for securing a CDM deployment of the Ping Identity Platform:

[icon: user-secret, set=fas, size=3x]

#### [Secret Agent](secret-agent.html)

Kubernetes operator that generates secrets and provides cloud secret management.

[icon: lock, set=fas, size=3x]

#### [Secure Communications](https.html)

Secure HTTP and certificate management.

[icon: id-card, set=fas, size=3x]

#### [IP Address Restriction](restrict-access-ip-address.html)

Access restriction by incoming IP address, enforced by the Ingress-NGINX controller.

[icon: network-wired, set=fas, size=3x]

#### [Network Policies](network-policies.html)

Secure cross-pod communications, enforced by Kubernetes network policies.

[icon: user-friends, set=fas, size=3x]

#### [Cluster Access on AWS](multi-user-access-aws.html)

User entries in the Amazon EKS authorization configuration map.