Difficulty: Beginner
Estimated Time: 10 minutes

This tutorial will guide you how to secure application on Kubernetes using Conjur Open Source with OpenShift authenicator

Conjur is an open source security service that integrates with popular tools to provide data encryption, identity management for humans and machines, and role-based access control for sensitive secrets like passwords, SSH keys, and web services

Reference: https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture ga

Awesome! You have learnt how to secure application on Openshift using Conjur Open Source with Conjur authenicator

For more information, you can visit https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture

[Work in progress] Conjur Openshift Authentication

Step 1 of 13

Overview

This is scenario, we will guide you on how to secure the secrets used by your application on OpenShift, using Conjur OSS.

An simple REST API application will be deployed, and we will review its risk of having embedding password. Last but not least, we will remove the embedded secrets and secret it using Conjur OSS.

Agenda:

  • Setup OpenShift

  • Insecure App

    • Build
    • Deploy
    • Usage
    • Risk of embedded secrets
  • Setup Conjur

    • Deploy Conjur
    • Initalize Conjur
    • Change Admin Password
    • Load Policies
    • Initalize CA
  • Secure App

    • Build
    • Deploy
    • Usage
    • No more embedded secrets
This tab will not be visible to users and provides only information to help authors when creating content.

Creating Katacoda Scenarios

Thanks for creating Katacoda scenarios. This tab is designed to help you as an author have quick access the information you need when creating scenarios.

Here are some useful links to get you started.

Running Katacoda Workshops

If you are planning to use Katacoda for workshops, please contact [email protected] to arrange capacity.

Debugging Scenarios

Below is the response from any background scripts run or files uploaded. This stream can aid debugging scenarios.

If you still need assistance, please contact [email protected]