Difficulty: Beginner
Estimated Time: 10 minutes

This tutorial will guide you how to secure application on Kubernetes using Conjur Open Source with Kubernetes authenicator

Conjur is an open source security service that integrates with popular tools to provide data encryption, identity management for humans and machines, and role-based access control for sensitive secrets like passwords, SSH keys, and web services

Reference: https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture ga

Awesome! You have learnt how to secure application on Kubernetes using Conjur Open Source with Kubernetes authenicator

For more information, you can visit https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture

Conjur Kubernetes Authenticator & Secretless

Step 1 of 21

Overview

This is scenario, we will guide you on how to secure the secrets used by your application on Kubernetes, using Conjur OSS. We will use Minikube as the base platform, and deploy Conjur OSS on it. An simple REST API application will be deployed, and we will review its risk of having embedding password. Last but not least, we will remove the embedded secrets and secret it using Conjur OSS.

Agenda:

  • Setup Minikube

    • Start Minikube
    • Review Cluster Info
    • Enabling Dashboard
    • Enabling Tunnel
  • Insecure App

    • Build
    • Deploy
    • Usage
    • Risk of embedded secrets
  • Setup Conjur

    • Deploy Conjur
    • Initalize Conjur
    • Change Admin Password
    • Load Policies
    • Initalize CA
  • Secure App

    • Build
    • Deploy
    • Usage
    • No more embedded secrets
  • Secretless App

    • Deploy Database
    • Update Conjur for secretless
    • Deploy Add with Secretless
    • Test it!