CyberArk Conjur OSS
The Conjur provider (with identifier
conjur) populates credentials from an external
Secretless Broker configuration
To use the Conjur provider, Secretless must be configured to authenticate with Conjur. The Secretless Broker currently supports several methods of authenticating with Conjur (activating the first non-empty method in this order):
Conjur Kubernetes authenticator-based authentication
In this mode Secretless behaves as an authn-k8s-client and retrieves machine identity through orchestrator-facilitated attestation.
All methods also require
be set in the environment of the Secretless Broker. You may optionally
also include any other configuration environment variables that are
allowed by the Conjur Go Client Library.
When deploying applications to Kubernetes or OpenShift, the Kubernetes authenticator method of authenticating to Conjur is recommended.