Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cyberark/urbancode-conjur-aim

A plugin which allows UrbanCode Deploy to get credentials from EPV via AIM, and to get secrets from Conjur for setting up a CI/CD workflow
https://github.com/cyberark/urbancode-conjur-aim

conjbot-skip-stalepr

Last synced: 2 months ago
JSON representation

A plugin which allows UrbanCode Deploy to get credentials from EPV via AIM, and to get secrets from Conjur for setting up a CI/CD workflow

Host: GitHub
URL: https://github.com/cyberark/urbancode-conjur-aim
Owner: cyberark
License: apache-2.0
Created: 2018-01-13T04:25:56.000Z (about 7 years ago)
Default Branch: master
Last Pushed: 2022-01-17T06:44:19.000Z (about 3 years ago)
Last Synced: 2024-06-12T04:52:48.058Z (8 months ago)
Topics: conjbot-skip-stalepr
Language: Groovy
Size: 22.7 MB
Stars: 3
Watchers: 31
Forks: 4
Open Issues: 6
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # urbancode-conjur-aim

A plugin which allows UrbanCode Deploy to get credentials from EPV via AIM, and to get secrets from Conjur for setting up a CI/CD workflow

## Compiling Source

`gradle`

## Installation

1. Login to UrbanCode Deploy web portal and go to "Settings > Automation Plugins"

2. Click "Load Plugin".   Select the complied plugin file and click "Submit"

3. A new plugin named "CyberArk" is installed

## Usage

The plugin can be used in process designer of "Process" & "Components", by dragging from the left menu area under "Security > CyberArk

### AIM

#### Get Password from Vault

This function allows credentials to be retrieve from Vault server via AIM CP.

##### Input Fields

| Name | Description | Example |

| ---- | ----------- | ------- |

| Name | Name of the step | Get Password from Vault |

| Path | Absolute file path to clipasswordsdk |  /opt/CARKaim/sdk/clipasswordsdk |

| Safe | Safe of the credential stored | DevOps |

| Folder | Folder of the credential stored | Root | 

| Object | Name of the credential object | Website-Conjur-httpseval.conjur.org-cf-spring-app-01 |

| AppID  | AppID defined in PVWA  | UCD |

| Output Property - Password |  Property for storing retrieved credential | CyberArk/Vault/Password |

| Output Property - User Name | Property for storing retrieved username | CyberArk/Vault/User |

| Output Property - Address | Property for storing retrieved address | CyberArk/Vault/Address |

##### Output Fields

| Name |  Description |

| ---- | ----------- | 

|  	| Value of the credential | 

| 	| User Name of the credential | 

| 	| Address of the credential |

### Conjur

#### Authenticate Conjur

This step gets a [short-lived access token](https://www.conjur.org/reference/cryptography.html#authentication-tokens), which can be used to authenticate requests to (most of) the rest of the Conjur API. A client can obtain an access token by presenting a valid login name and API key.

##### Input Fields

| Name | Description | Example |

| ---- | ----------- | ------- |

| Name | Name of the step | Authenticate Conjur |

| Account | Organization account name	|  | 

| Login	| Host name for authenicating Conjur | cf-spring-app-01 | 

| API Key | API Key for authenicating Conjur	|  | 

| Conjur URL | URL of Conjur cluster | https://eval.conjur.org |

| Proxy | Proxy address for calling Conjur REST API. Leave it blank if direct connection is allowed |  ipv4.124.244.113.228.hybrid-web.global.blackspider.com:80 |

| Output Property - Access Token | Property for storing the return access token | CyberArk/Conjur/AccessToken |

##### Output Fields

| Name |  Description |

| ---- | ----------- | 

| 	| [Short-lived access token](https://www.conjur.org/reference/cryptography.html#authentication-tokens) | 

#### Get Variable from Conjur

##### Input Fields

| Name | Description | Example |

| ---- | ----------- | ------- |

| Name | Name of the step | Get Variable from Conjur |

| Account | Organization account name	 | |

| Access Token	| Short-lived access token	| |

| Variable ID	| ID of the variable |	db/prod/pws/db01/serviceA |

| Conjur URL |	URL of Conjur cluster |	https://eval.conjur.org |

| Proxy	| Proxy address for calling Conjur REST API. Leave it blank if direct connection is allowed | ipv4.124.244.113.228.hybrid-web.global.blackspider.com:80 |

| Output Property - Variable | Property for storing the value of the secret | CyberArk/Conjur/Variable |

##### Output Fields

| Name |  Description |

| ---- | ----------- | 

| 	| Value of the secret |