Cloud Foundry

To integrate with Cloud Foundry (CF), DAP offers the Conjur Service Broker and Conjur Buildpack.

Overview

The integration with CF provides a unique identity to each application running in a CF space. These identities are added to security policy as hosts. You can manage secrets, roles, and privileges for the CF applications the same as you would for other applications.

The Conjur Service Broker can be installed in your CF deployment and used to grant your CF-deployed applications identities. Through these identities, you can grant your applications access to secrets stored in DAP. The Conjur Buildpack can be used to automatically inject secret values into your application's environment at runtime using Summon. Secrets may also be retrieved using one of our client libraries as an alternative to using the Buildpack, but the Buildpack provides a convenient mechanism for delivering secrets to applications.

Get started

  • See our tutorial on Conjur with Cloud Foundry.
  • Follow the installation instructions in the Service Broker documentation to install the Service Broker and the Buildpack.