Conjur Keys plugin
This topic describes the Conjur Keys plugin and how to configure the plugin.
The Conjur Keys plugin can be used as a reconcile account for the Conjur Password plugin. For more information, see Conjur Password plugin.
Support
Target devices
The CPM supports remote account management for Conjur API key accounts on the following Conjur applications:
-
Conjur Enterprise 12.6 or later
Accounts
The CPM supports account management for the following accounts:
Platforms
In the PVWA Platform Management page, make sure that the following target account platform is displayed:
-
Conjur Keys
Actions
The following table lists the supported password management actions for this platform:
|
Action |
Supported |
Permissions |
|---|---|---|
|
Verify |
Yes |
N/A |
|
Change |
Yes |
N/A |
|
Reconcile |
Yes |
The user must have update permissions on the target account. For more information, see Predefined privilege values. |
|
Delete |
No |
N/A |
Reconcile account
|
Action |
Supported |
Required |
Platform |
Permissions |
|---|---|---|---|---|
|
Reconcile |
Yes |
No |
Conjur Keys |
The user must have update permissions on the target account. For more information, see Predefined privilege values. |
Configuration
Prerequisites
-
This plugin requires TLS 1.2 or 1.3. For more information about TLS configuration, see Conjur custom TLS configuration.
-
The Conjur Enterprise application certificate must be installed on the CPM machine.
Import platform
The Conjur plugin is available on the CyberArk Marketplace. Download the package, and import the platform.
Platform parameter
|
Parameter |
Description |
|---|---|
|
OrganizationAccount |
The account name of the Conjur Organization account. This is an API management account for Conjur Enterprise. Required: Yes Default value: None |
Account parameters
Required
|
Parameter |
Description |
|---|---|
|
Username |
The username or host name for the Conjur account. Default value: None |
|
Address |
The address of the Conjur Enterprise environment. For example: ConjurEnterpriseEnvironment.com Default value: None |
|
Password |
The API Key for the Conjur account. Default value: None |
|
ConjurAccountType |
The type of Conjur account. Valid values: User or Host Default value: None |
|
Conjur Enterprise Version |
The Conjur Enterprise version. Valid values: Conjur Enterprise full version number, for example, 12.6 Default value: None |
