Introduction
The integration between OpenShift and CyberArk Conjur Enterprise simplifies secrets management, strengthens container security and gives organizations the flexibility to more securely deploy enterprise applications at scale. Now organizations using OpenShift can leverage Conjur Enterprise to secure, manage and rotate secrets and other credentials, by securely passing secrets stored in Conjur to applications running in OpenShift. CyberArk Conjur ensures secrets are never exposed to third parties. The Conjur integration enhances security for OpenShift environments by providing:
- End-to-end encryption of secrets through mutual TLS (Transport Layer Security).
- Robust authentication and authorization incorporating Conjur policy, signed certificates, and an internal Kubernetes authenticator.
- Separation of duties and other policies by letting OpenShift security teams control container access while development teams define application requirements.
- Easy deployment of applications across environments and pods.
- Scalability and performance advantages of the Conjur master-follower architecture. As Followers provide read-only activity for client containers and applications, scale-out is easy by simply adding more followers.
- Secret rotation, centralized auditing, and all other advantages of Enterprise Conjur.
Most importantly, developers are able to easily meet security requirements by using APIs and code to secure secrets and access credentials without impacting velocity. Conjur was designed specifically for developers with the goal of letting developers focus on development without them needing to worry about security. For examples, security policies can be written and managed as-code, enabling security policies to be more easily established and managed.
CyberArk Conjur
CyberArk Conjur Enterprise is an enterprise-class secrets management solution designed to meet the needs of high velocity, dynamic DevOps environments, and CI/CD pipelines. Like other CyberArk solutions, Conjur Enterprise is security focused and incorporates robust security principals including machine identity, least privilege, role-based access control, policy as code, as well as segregation of duties for both human and non-human users (e.g., containers, micro-services, scripts, and machines).
True End to End Credential Management Across The Enterprise
An additional advantage of using CyberArk solutions is that enterprises have the ability for true end-to-end, policy-based secrets and credential management across their entire enterprise. CyberArk is widely deployed by enterprises across the globe, including over half of the Fortune 100, and is recognized as the #1 provider in privileged access security. So, importantly, with the integration between CyberArk Conjur Enterprise and Red Hat OpenShift, the CyberArk Enterprise Password Vault enables secrets and credential managed by the CyberArk Vault to be automatically replicated into OpenShift. Organizations can now consistently manage access credentials and secrets across on-premises, hybrid and native cloud environments, as well as for OpenShift and other DevOps tools. Of course, Conjur can also be used as a standalone solution that can be integrated if and when the enterprise is ready.
How It Works – OpenShift and Conjur
The deployment scripts deploy a Conjur cluster in an OpenShift project (OpenShift 3.3 or later). User applications are then deployed in different projects, which get access to Conjur through authenticated login orchestrated by an authentication sidecar. For additional details refer to the integration reference materials.
Getting Started with Conjur Enterprise and OpenShift
The CyberArk Conjur OpenShift Integration is available now. To learn more view the OpenShift Commons Briefing: CyberArk Conjur Secrets Management demo and webinar, contact sales, or visit CyberArk.com/Conjur. You can also have a demo at Red Hat Summit – booth#932.
Conjur Open Source Also Available
CyberArk Conjur Open Source is freely available and available for trial or download on GitHub or Conjur.org and with Conjur Open Source, you can also join the Conjur Slack to communicate directly with our engineers to ask questions and provide product feedback.
Sobre el autor
Chris Smith has extensive experience planning and executing sales strategies in the federal and commercial systems integrator market. As Vice President and General Manager of North American Public Sector for Red Hat, he delivers value to customers by coaching and motivating sales team members to exceed expectations, with a consultative approach to solving customer challenges.
Más similar
Navegar por canal
Automatización
Las últimas novedades en la automatización de la TI para los equipos, la tecnología y los entornos
Inteligencia artificial
Descubra las actualizaciones en las plataformas que permiten a los clientes ejecutar cargas de trabajo de inteligecia artificial en cualquier lugar
Nube híbrida abierta
Vea como construimos un futuro flexible con la nube híbrida
Seguridad
Vea las últimas novedades sobre cómo reducimos los riesgos en entornos y tecnologías
Edge computing
Conozca las actualizaciones en las plataformas que simplifican las operaciones en el edge
Infraestructura
Vea las últimas novedades sobre la plataforma Linux empresarial líder en el mundo
Aplicaciones
Conozca nuestras soluciones para abordar los desafíos más complejos de las aplicaciones
Programas originales
Vea historias divertidas de creadores y líderes en tecnología empresarial
Productos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servicios de nube
- Ver todos los productos
Herramientas
- Training y Certificación
- Mi cuenta
- Soporte al cliente
- Recursos para desarrolladores
- Busque un partner
- Red Hat Ecosystem Catalog
- Calculador de valor Red Hat
- Documentación
Realice pruebas, compras y ventas
Comunicarse
- Comuníquese con la oficina de ventas
- Comuníquese con el servicio al cliente
- Comuníquese con Red Hat Training
- Redes sociales
Acerca de Red Hat
Somos el proveedor líder a nivel mundial de soluciones empresariales de código abierto, incluyendo Linux, cloud, contenedores y Kubernetes. Ofrecemos soluciones reforzadas, las cuales permiten que las empresas trabajen en distintas plataformas y entornos con facilidad, desde el centro de datos principal hasta el extremo de la red.
Seleccionar idioma
Red Hat legal and privacy links
- Acerca de Red Hat
- Oportunidades de empleo
- Eventos
- Sedes
- Póngase en contacto con Red Hat
- Blog de Red Hat
- Diversidad, igualdad e inclusión
- Cool Stuff Store
- Red Hat Summit