Secretless on VM

Hi there,

As Secretless is written in Go and as there are some packages listed under assets from the releases, I am wondering if it is supported to run Secretless as a service (directly on a VM) and not in a container?

Many thanks!

JFC

I am wondering if it is supported to run Secretless as a service (directly on a VM) and not in a container?

Hey @JfcAtCyberArk,
While our primary deployment target is Kubernetes-based infrastructure and we do not directly support running Secretless Broker as a service at this time (Apr 2020), there should be nothing preventing you from running this code on a VM; however, security for a VM-based broker is much harder to lock down. If I had to take a guess at the extra requirements, it would be these, but they probably need additional guidance that I may be missing:

  • You should only use Unix socket files (you must not use TCP ports).
  • You must lock down the service/files/sockets with appropriate Linux permissions to prevent unauthorized use of the authenticated tunnel.

If it’s really wanted as a fully-supported target with exact guidance, feel free to post this as a deployment target that you would like to see in our GitHub repo.

Srdjan

2 Likes
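
One way to check the permissions requirement from the reply above, as an added example that is not part of the original thread or of the Secretless Broker code: it audits a Unix socket file's owner and mode and its parent directory's mode. The socket name, `service_uid` and `client_gid` are assumptions made for illustration.

```python
import os
import socket
import stat
import tempfile


def audit_socket(path, service_uid, client_gid):
    """Return findings for one Unix socket path; an empty list means it passed."""
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return [f"{path}: does not exist"]
    if not stat.S_ISSOCK(st.st_mode):
        return [f"{path}: not a Unix socket"]

    findings = []
    mode = stat.S_IMODE(st.st_mode)
    if st.st_uid != service_uid:
        findings.append(f"{path}: owned by uid {st.st_uid}, expected {service_uid}")
    # On Linux, connect() on a socket file requires write permission on it.
    if mode & stat.S_IWOTH:
        findings.append(f"{path}: mode {mode:04o} lets any local user connect")
    if mode & stat.S_IWGRP and st.st_gid != client_gid:
        findings.append(f"{path}: writable by gid {st.st_gid}, expected {client_gid}")

    # A world-writable parent lets other users create or swap entries at the path.
    parent = os.path.dirname(os.path.abspath(path))
    pmode = stat.S_IMODE(os.stat(parent).st_mode)
    if pmode & stat.S_IWOTH:
        findings.append(f"{parent}: mode {pmode:04o} is world-writable")
    return findings


if __name__ == "__main__":
    # Constructed demo: a throwaway socket standing in for the broker's listener.
    demo_dir = tempfile.mkdtemp()
    demo_path = os.path.join(demo_dir, "broker.sock")  # hypothetical name
    listener = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    listener.bind(demo_path)
    gid = os.stat(demo_path).st_gid
    for demo_mode in (0o666, 0o660):
        os.chmod(demo_path, demo_mode)
        print(f"{demo_mode:04o}:", audit_socket(demo_path, os.getuid(), gid) or "OK")
    listener.close()
```

Run it as the service account or root against the real socket path, with the uid of the service and the gid of the group that is allowed to connect.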

Thanks a lot @sgnn7!
