Difficulty: Beginner
Estimated Time: 10 minutes

This tutorial will guide you how to secure application on Kubernetes using Conjur Open Source with OpenShift authenicator

Conjur is an open source security service that integrates with popular tools to provide data encryption, identity management for humans and machines, and role-based access control for sensitive secrets like passwords, SSH keys, and web services

Reference: https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture ga

Awesome! You have learnt how to secure application on Openshift using Conjur Open Source with Conjur authenicator

For more information, you can visit https://docs.conjur.org/Latest/en/Content/Integrations/kubernetes.htm

architecture

[Work in progress] Conjur Openshift Authentication

Step 1 of 13

Overview

This is scenario, we will guide you on how to secure the secrets used by your application on OpenShift, using Conjur OSS.

An simple REST API application will be deployed, and we will review its risk of having embedding password. Last but not least, we will remove the embedded secrets and secret it using Conjur OSS.

Agenda:

  • Setup OpenShift

  • Insecure App

    • Build
    • Deploy
    • Usage
    • Risk of embedded secrets
  • Setup Conjur

    • Deploy Conjur
    • Initalize Conjur
    • Change Admin Password
    • Load Policies
    • Initalize CA
  • Secure App

    • Build
    • Deploy
    • Usage
    • No more embedded secrets