nautobot-app-secrets-providers icon indicating copy to clipboard operation
nautobot-app-secrets-providers copied to clipboard

Published 20 hours ago verified publisher icon nautobot

CyberArk Digital Vault secrets provider plugin

Open patk1002 opened this issue 2 years ago • 8 comments

Environment

  • Nautobot version: 1.2.10
  • secrets version: 0.1.0

Proposed Functionality

Use Case

Same use case as other Secrets use case but with a different provider, here Cyberark.

patk1002 avatar Mar 29 '22 18:03 patk1002

Some notes & resources if it can be useful:

  • https://pypi.org/project/conjur/ & https://pypi.org/project/conjur-client/
    • https://github.com/conjurinc/conjur-api-python3 -> https://github.com/cyberark/cyberark-conjur-cli
    • https://github.com/cyberark/cyberark-conjur-cli/commit/a2f9f912aa9696b1bda81122745647c43fa9ac49
  • https://pypi.org/project/conjur-api/
    • https://github.com/cyberark/conjur-cli-python -> https://github.com/cyberark/conjur-api-python
  • https://docs.conjur.org/Latest/en/Content/Overview/Conjur-OSS-Suite-Overview.html
    • https://docs.conjur.org/Latest/en/Content/Developer/Conjur_Auth_REST_APIs.htm
    • https://docs.conjur.org/Latest/en/Content/Developer/Conjur_API_Retrieve_Secret.htm

u1735067 avatar Mar 30 '22 12:03 u1735067

@patk1002 Thanks for the submission! We'll review this and get it on the backlog!

jathanism avatar Jun 29 '22 16:06 jathanism

I am working for Cyberark, and we would be really interesting on discussing how we could work together to achieve this feature :) Feel free to reach me out.

RobinBria avatar Aug 25 '22 12:08 RobinBria

@RobinBria - 2 open source locations you might look at are https://github.com/nautobot/nautobot/tree/develop/nautobot/extras/secrets (since CyberArk would likely be a Secrets Provider for Nautobot) and https://github.com/nautobot/nautobot/tree/develop/examples (a good overview source of example Nautobot code, especially the example_plugin folder)

patk1002 avatar Aug 25 '22 21:08 patk1002

I would love to have this working with Cyberark and I'm willing to be a tester.

MyGrayMatter avatar Sep 08 '22 15:09 MyGrayMatter

I second this, we will be implementing CyberArk soon and I would be willing to test this in our environment as well.

itsMrRobot avatar Nov 01 '22 16:11 itsMrRobot

We use cyber ark as well but so far we are only able to use it for creds on our nautobot config file. Would love to be able to use it for secrets too.

nathanielfernandez avatar Feb 28 '24 03:02 nathanielfernandez

If you can check the code i've done and test to improve the provider i made, i'll be happy to update it and make it as user-friendly as possible. I don't have any CyberARK instance at home btw, if someone of you have a solution to help me on this, i'll be able to test the code in a good way then and make improvements easier. Thanks in advance.

Never77 avatar Feb 28 '24 23:02 Never77