Securing Ansible Playbooks with Conjur

How do I get started securing Ansible playbooks with Conjur?

1 Like

I also heard there was a free tool (not sure if it is Open Source) that I can use to scan Ansible Playbooks for unprotected credentials. How do I access it?

1 Like

From what I know, as of Ansible v2.5 there is a lookup plugin:

https://docs.ansible.com/ansible/latest/plugins/lookup/conjur_variable.html

This allows users to use that lookup plugin for secrets in their playbooks that are stored in Conjur.

Depending, when using Ansible Tower, there is a native integration out of the box in v3.5.1 with support for both Conjur and AIM.

https://docs.ansible.com/ansible-tower/latest/html/userguide/credential_plugins.html

There’s also a plugin for machine identity here:

And an ansible automation collection repo here:

I am not sure if this info helps. If you find more exactly what you were looking for originally, please share 🙂

Thanks.

Jose

2 Likes
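A sketch of how the `conjur_variable` lookup mentioned in the reply above replaces a credential committed with a playbook. This is an added example, not part of the original posts or of any CyberArk or Ansible code; the host group, variable ID `ansible/prod/db/password`, user and database names are constructed, and it assumes the control node already has a Conjur identity configured as described in the linked plugin documentation.

```yaml
---
# Added example: inventory group, Conjur variable ID and database names are constructed.
- name: Create an application database user
  hosts: db_servers                     # hypothetical inventory group
  vars:
    # Before: the credential is committed to source control with the playbook.
    # db_password: "S3cr3t-in-git"      # constructed value
    #
    # After: the value is fetched from Conjur on the control node at run time,
    # so the playbook only carries the variable ID, not the secret.
    db_password: "{{ lookup('conjur_variable', 'ansible/prod/db/password') }}"

  tasks:
    - name: Ensure the application user exists
      mysql_user:
        name: app
        password: "{{ db_password }}"
        priv: "appdb.*:ALL"
        state: present
      # Keep the resolved secret out of task output, verbose runs and job logs.
      no_log: true
```

Without `no_log: true` the fetched value can still appear in task results, so the lookup alone does not keep it out of logs.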

I just gave a talk at AnsibleFest 2019 that runs through everything we can do with Conjur & Ansible today!

Check out my deck from the talk at: https://www.slideshare.net/JoeGarciaCISSP/security-at-inception-ansible-orchestration-meets-secrets-management

I’ll try to do a webinar in the near future for everyone through CyberArk giving the talk again with Q&A.

3 Likes

Can you confirm Ansible Tower 3.5.1 works with Conjur Open Source (as well as the enterprise version of AAM) and that selecting CyberArk to be the credential store for Ansible Tower is just a configuration selection from a menu?

Yes to both questions.

1 Like