Skip to content

Instantly share code, notes, and snippets.

@infamousjoeg

infamousjoeg/conjur-rotator.md

Created April 10, 2018 13:56
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save infamousjoeg/9f0776c16ee9415aee4dd8f8eb625a87 to your computer and use it in GitHub Desktop.
Save infamousjoeg/9f0776c16ee9415aee4dd8f8eb625a87 to your computer and use it in GitHub Desktop.
Download ZIP
CyberArk Conjur - Secrets Rotator Example
Raw
conjur-rotator.md

CyberArk Conjur - Secrets Rotation

Policy Showing AWS Secret Key Rotator

aws-policy.yml
 - !policy
   id: aws
   body:
     - !variable region
     - !variable access_key_id
     - !variable secret_key_proxy
     - !variable
       id: secret_access_key
       annotations:
         rotation/rotator: aws/secret_key
         rotation/ttl: P1D # 1 day

Rotate Immediately via Conjur CLI

$ conjur variable expire --now prod/aws/secret_access_key
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment