A plugin which allows UrbanCode Deploy to get credentials from EPV via AIM, and to get secrets from Conjur for setting up a CI/CD workflow
gradle
- Login to UrbanCode Deploy web portal and go to "Settings > Automation Plugins"
- Click "Load Plugin". Select the complied plugin file and click "Submit"
- A new plugin named "CyberArk" is installed
The plugin can be used in process designer of "Process" & "Components", by dragging from the left menu area under "Security > CyberArk
This function allows credentials to be retrieve from Vault server via AIM CP.
Name |
Description |
Example |
Name |
Name of the step |
Get Password from Vault |
Path |
Absolute file path to clipasswordsdk |
/opt/CARKaim/sdk/clipasswordsdk |
Safe |
Safe of the credential stored |
DevOps |
Folder |
Folder of the credential stored |
Root |
Object |
Name of the credential object |
Website-Conjur-httpseval.conjur.org-cf-spring-app-01 |
AppID |
AppID defined in PVWA |
UCD |
Output Property - Password |
Property for storing retrieved credential |
CyberArk/Vault/Password |
Output Property - User Name |
Property for storing retrieved username |
CyberArk/Vault/User |
Output Property - Address |
Property for storing retrieved address |
CyberArk/Vault/Address |
Name |
Description |
<specified by "Output Property - Password", e.g. CyberArk/Vault/Password> |
Value of the credential |
<specified by "Output Property - User Name", e.g. CyberArk/Vault/User> |
User Name of the credential |
<specified by "Output Property - Address", e.g. CyberArk/Vault/Address> |
Address of the credential |
This step gets a short-lived access token, which can be used to authenticate requests to (most of) the rest of the Conjur API. A client can obtain an access token by presenting a valid login name and API key.
Name |
Description |
Example |
Name |
Name of the step |
Authenticate Conjur |
Account |
Organization account name |
|
Login |
Host name for authenicating Conjur |
cf-spring-app-01 |
API Key |
API Key for authenicating Conjur |
|
Conjur URL |
URL of Conjur cluster |
https://eval.conjur.org |
Proxy |
Proxy address for calling Conjur REST API. Leave it blank if direct connection is allowed |
ipv4.124.244.113.228.hybrid-web.global.blackspider.com:80 |
Output Property - Access Token |
Property for storing the return access token |
CyberArk/Conjur/AccessToken |
Name |
Description |
<specified by "Output Property - Access Token", e.g. CyberArk/Conjur/AccessToken> |
Short-lived access token |
Name |
Description |
Example |
Name |
Name of the step |
Get Variable from Conjur |
Account |
Organization account name |
|
Access Token |
Short-lived access token |
|
Variable ID |
ID of the variable |
db/prod/pws/db01/serviceA |
Conjur URL |
URL of Conjur cluster |
https://eval.conjur.org |
Proxy |
Proxy address for calling Conjur REST API. Leave it blank if direct connection is allowed |
ipv4.124.244.113.228.hybrid-web.global.blackspider.com:80 |
Output Property - Variable |
Property for storing the value of the secret |
CyberArk/Conjur/Variable |
Name |
Description |
<specified by "Output Property - Variable", e.g. CyberArk/Conjur/Variable> |
Value of the secret |