The integration with CF provides a unique identity to each application
running in a CF space. These identities are added to security policy as
can manage secrets, roles, and privileges for the CF applications the same as you
would for other applications.
The Conjur Service Broker can be installed in your CF deployment and used to grant your CF-deployed applications identities. Through these identities, you can grant your applications access to secrets stored in DAP. The Conjur Buildpack can be used to automatically inject secret values into your application's environment at runtime using Summon. Secrets may also be retrieved using one of our client libraries as an alternative to using the Buildpack, but the Buildpack provides a convenient mechanism for delivering secrets to applications.
- See our tutorial on Conjur with Cloud Foundry.
- Follow the installation instructions in the Service Broker documentation to install the Service Broker and the Buildpack.