Created
April 24, 2015 17:23
-
-
Save dustinmm80/2ce0750233966037da8e to your computer and use it in GitHub Desktop.
Conjur policies and variables
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# I have a policy named demo-factory-1-0 defined in policy.rb | |
# Let's create a development policy | |
conjur policy load --as-group v4/ops --collection development policy.rb | |
# The collection flag means our policy is named development/demo-factory-1-0 | |
# Any variables, groups, etc created will have the prefix development/demo-factory-1-0 | |
# Ex: I defined variable aws/access_key_id in policy.rb so it's name will be development/demo-factory-1-0/aws/access_key_id | |
# I can then go and add a value to that variable | |
# Now we can use the policy flag to conjur env to specify a prefix for the variables when retrieving them | |
conjur env run --policy development/demo-factory-1-0 -- myapp.sh | |
# Creating a production environment means that you're creating new resources with a different prefix | |
conjur policy load --as-group v4/ops --collection production policy.rb | |
# My variable is now production/demo-factory-1-0/aws/access_key_id and can be loaded with a different value | |
conjur env run --policy production/demo-factory-1-0 -- myapp.sh | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment