Introduction
The integration between OpenShift and CyberArk Conjur Enterprise simplifies secrets management, strengthens container security and gives organizations the flexibility to more securely deploy enterprise applications at scale. Now organizations using OpenShift can leverage Conjur Enterprise to secure, manage and rotate secrets and other credentials, by securely passing secrets stored in Conjur to applications running in OpenShift. CyberArk Conjur ensures secrets are never exposed to third parties. The Conjur integration enhances security for OpenShift environments by providing:
- End-to-end encryption of secrets through mutual TLS (Transport Layer Security).
- Robust authentication and authorization incorporating Conjur policy, signed certificates, and an internal Kubernetes authenticator.
- Separation of duties and other policies by letting OpenShift security teams control container access while development teams define application requirements.
- Easy deployment of applications across environments and pods.
- Scalability and performance advantages of the Conjur master-follower architecture. As Followers provide read-only activity for client containers and applications, scale-out is easy by simply adding more followers.
- Secret rotation, centralized auditing, and all other advantages of Enterprise Conjur.
Most importantly, developers are able to easily meet security requirements by using APIs and code to secure secrets and access credentials without impacting velocity. Conjur was designed specifically for developers with the goal of letting developers focus on development without them needing to worry about security. For examples, security policies can be written and managed as-code, enabling security policies to be more easily established and managed.
CyberArk Conjur
CyberArk Conjur Enterprise is an enterprise-class secrets management solution designed to meet the needs of high velocity, dynamic DevOps environments, and CI/CD pipelines. Like other CyberArk solutions, Conjur Enterprise is security focused and incorporates robust security principals including machine identity, least privilege, role-based access control, policy as code, as well as segregation of duties for both human and non-human users (e.g., containers, micro-services, scripts, and machines).
True End to End Credential Management Across The Enterprise
An additional advantage of using CyberArk solutions is that enterprises have the ability for true end-to-end, policy-based secrets and credential management across their entire enterprise. CyberArk is widely deployed by enterprises across the globe, including over half of the Fortune 100, and is recognized as the #1 provider in privileged access security. So, importantly, with the integration between CyberArk Conjur Enterprise and Red Hat OpenShift, the CyberArk Enterprise Password Vault enables secrets and credential managed by the CyberArk Vault to be automatically replicated into OpenShift. Organizations can now consistently manage access credentials and secrets across on-premises, hybrid and native cloud environments, as well as for OpenShift and other DevOps tools. Of course, Conjur can also be used as a standalone solution that can be integrated if and when the enterprise is ready.
How It Works – OpenShift and Conjur
The deployment scripts deploy a Conjur cluster in an OpenShift project (OpenShift 3.3 or later). User applications are then deployed in different projects, which get access to Conjur through authenticated login orchestrated by an authentication sidecar. For additional details refer to the integration reference materials.
Getting Started with Conjur Enterprise and OpenShift
The CyberArk Conjur OpenShift Integration is available now. To learn more view the OpenShift Commons Briefing: CyberArk Conjur Secrets Management demo and webinar, contact sales, or visit CyberArk.com/Conjur. You can also have a demo at Red Hat Summit – booth#932.
Conjur Open Source Also Available
CyberArk Conjur Open Source is freely available and available for trial or download on GitHub or Conjur.org and with Conjur Open Source, you can also join the Conjur Slack to communicate directly with our engineers to ask questions and provide product feedback.
執筆者紹介
Chris Smith has extensive experience planning and executing sales strategies in the federal and commercial systems integrator market. As Vice President and General Manager of North American Public Sector for Red Hat, he delivers value to customers by coaching and motivating sales team members to exceed expectations, with a consultative approach to solving customer challenges.
チャンネル別に見る
自動化
テクノロジー、チームおよび環境に関する IT 自動化の最新情報
AI (人工知能)
お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート
オープン・ハイブリッドクラウド
ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。
セキュリティ
環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報
エッジコンピューティング
エッジでの運用を単純化するプラットフォームのアップデート
インフラストラクチャ
世界有数のエンタープライズ向け Linux プラットフォームの最新情報
アプリケーション
アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細
オリジナル番組
エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー
製品
ツール
試用、購入、販売
コミュニケーション
Red Hat について
エンタープライズ・オープンソース・ソリューションのプロバイダーとして世界をリードする Red Hat は、Linux、クラウド、コンテナ、Kubernetes などのテクノロジーを提供しています。Red Hat は強化されたソリューションを提供し、コアデータセンターからネットワークエッジまで、企業が複数のプラットフォームおよび環境間で容易に運用できるようにしています。
言語を選択してください
Red Hat legal and privacy links
- Red Hat について
- 採用情報
- イベント
- 各国のオフィス
- Red Hat へのお問い合わせ
- Red Hat ブログ
- ダイバーシティ、エクイティ、およびインクルージョン
- Cool Stuff Store
- Red Hat Summit