Automated secrets protection throughout the devops pipeline
CyberArk Conjur built Ansible integrations to deliver off-the-shelf, automated secrets protection throughout the DevOps pipeline. DevOps and the automated software delivery pipeline create innovative, robust tools which can deploy environments, scripts and products, using powerful secrets to manage and control the pipeline and its outputs. Compromising these tools’ secrets can result in a vulnerable pipeline and products.
The CyberArk Conjur integration with Ansible enables DevOps and security teams to automatically secure and manage secrets used by CI/CD tools.
In addition, organizations can leverage the joint solution to automatically provision and secure secrets for new applications, microservices, scripts and systems.
AUTOMATE SECURITY BEST PRACTICEs
The joint solution enables organizations to automatically embed secrets management best practices throughout the DevOps pipeline. This is achieved using Ansible to automatically provision secrets used by machine identities (e.g., applications, containers, microservices and EC2) as they are created within the CyberArk Conjur solution for enhanced protection and management.
Further, secrets used by Ansible are secured and rotated by the CyberArk Conjur solution based on an organization’s policy. In addition, the joint solution enables secured and monitored privileged user access to the Ansible console.
SOLUTION BENEFITS
- Conduct secrets-protected configuration processes
- Automatically scale secrets protection throughout the dynamic IT environment
- Gain enhanced visibility into “who, when, why and what” took place during the privileged user session on the Ansible console
- Maintain a comprehensive audit trail for compliance initiatives
