Hi,I have just followed the Conjur Quickstart https://www.conjur.org/get-started/quick-start/oss-environment/.
I would like to know if the same conjur variable can be used in production and development environment with different values fetched for each environment?Is it possible by altering users and access permits without creating a separate account for each?
Hi @yogita,
It’s not possible to have Conjur return different values for the same secret, so you would need to fetch a different secret for each environment. It may be helpful to use branches in your policy to separate dev and prod environments.
Alternatively, you could have a separate instance of Conjur in each environment, and have the same secrets on each but with different values. This way you could have the same secret name but different values in each environment.
Hi @szh,
Thanks for the update.
If I create different branches for each environment in policy, secret names will differ.Is this correct?
Also for using different environments, how is it recommended to use from the below 2 ways:
1)Creating a separate Conjur account , one for prod and one for testing
2)Creating a completely separate Conjur server for each
If I create different branches for each environment in policy, secret names will differ.Is this correct?
Yes. For example, your dev secret may be /dev/db/password and your production secret would be /prod/db/password.
Also for using different environments, how is it recommended to use from the below 2 ways:
1)Creating a separate Conjur account , one for prod and one for testing
2)Creating a completely separate Conjur server for each
If you want to have the application interact in exactly the same way in both environments, you’d need two separate servers. If you can handle having some logic to use different accounts then you could get away with that.
Thanks for the clarification.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.