How to secure the Conjur.identity that is created for an integration with Ansible or Summons ? It has host ID/Key in plain text and is placed on the client server.
Are there any other alternatives?
I presume you are using Summon and Summon-Conjur. From the Summon-Conjur documentation, the binary also support environment variables to be set with this same information. This is an alternative to the file.
Reference: GitHub - cyberark/summon-conjur: CyberArk Conjur provider for Summon
Hope this helps!
Hey there. Another option could be a combination of summon and the cyberark credential provider. But you are right. The summon integration on OS-Level requires id and key in a file or in environment parameters.
Let me check whether we can add a native integration of a credential provider to summon.