How to secure the Conjur.identity that is created for an integration with Ansible or Summons ? It has host ID/Key in plain text and is placed on the client server.
Are there any other alternatives?


I presume you are using Summon and Summon-Conjur. From the Summon-Conjur documentation, the binary also support environment variables to be set with this same information. This is an alternative to the file.

Reference: GitHub - cyberark/summon-conjur: CyberArk Conjur provider for Summon

Hope this helps!

Hey there. Another option could be a combination of summon and the cyberark credential provider. But you are right. The summon integration on OS-Level requires id and key in a file or in environment parameters.
Let me check whether we can add a native integration of a credential provider to summon.