Conjur.identity

Piyush · May 23, 2023, 11:19am

How to secure the Conjur.identity that is created for an integration with Ansible or Summons ? It has host ID/Key in plain text and is placed on the client server.
Are there any other alternatives?

ECD · June 15, 2023, 4:57pm

@Piyush,

I presume you are using Summon and Summon-Conjur. From the Summon-Conjur documentation, the binary also support environment variables to be set with this same information. This is an alternative to the file.

Reference: GitHub - cyberark/summon-conjur: CyberArk Conjur provider for Summon

Hope this helps!

p.voehrs · June 24, 2023, 8:01am

Hey there. Another option could be a combination of summon and the cyberark credential provider. But you are right. The summon integration on OS-Level requires id and key in a file or in environment parameters.
Let me check whether we can add a native integration of a credential provider to summon.

Topic		Replies	Views
Conjur : Protect Host Identity API KEY : Windows Conjur Enterprise summon-conjur , conjur	3	264	November 21, 2022
Securing API Keys Referenced in Ansible Playbooks Conjur Enterprise	3	1135	December 16, 2020
Credentials for Summon (using /etc/conjur.identity) Secrets Management - Conjur, Secrets Hub & CP	5	309	September 27, 2023
Question about using environment variables in Summon Summon summon , summon-conjur , pcf , conjur-buildpack , dap	2	867	December 3, 2019
Environment Variables Python CLI Secrets Management - Conjur, Secrets Hub & CP opensource , conjur-cli	2	825	September 26, 2019

Conjur.identity

Related Topics