Last active
March 2, 2022 13:59
-
-
Save infamousjoeg/82a391faf5836fd1c9cafae5a4f83b2b to your computer and use it in GitHub Desktop.
authn-k8s Kubernetes Secrets Application Policy Template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - !policy | |
| id: k8s-secrets-demo | |
| body: | |
| - &secrets | |
| - !variable secret1 | |
| - !variable secret2 | |
| - !host | |
| annotations: | |
| authn-k8s/namespace: namespace | |
| authn-k8s/service-account: k8ssecrets-account | |
| authn-k8s/authentication-container-name: cyberark-secrets-provider | |
| - !permit | |
| role: !host | |
| privileges: [ read, execute ] | |
| resources: *secrets | |
| - !permit | |
| role: !host k8s-secrets-demo | |
| privileges: [ read, authenticate ] | |
| resources: !webservice conjur/authn-k8s/prod |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment