In is POC we create a Conjur OSS environment and retrieve a secret from Conjur from a .Net Framework 4.5 Console application.
Quick start setting up Conjur OSS environment with Docker : https://www.conjur.org/get-started/
About Conjur OSS : https://docs.conjur.org/Latest/en/Content/Overview/Conjur-OSS-Suite-Overview.html \
Refer to for more information :
Quickstart with Docker containers : https://www.conjur.org/get-started/quick-start/oss-environment/
Quickstart with the dotnet Api : https://github.com/cyberark/conjur-api-dotnet
Quickstart with the CLI https://github.com/cyberark/conjur-cli \
| Use case | Dotnet API | Conjur CLI |
|---|---|---|
| Create/initialize a client | Client Client(uri, account) | access the right container |
| Login to Conjur user | void client.LogIn(string userName, string password) | conjur authn login -u user |
| Add Conjur root certificate to system trust store | client.TrustedCertificates.ImportPem (string certPath) | / |
| List Conjur variables | IEnumerable client.ListVariables(string query = null) | conjur list |
| Create an host | Host client.CreateHost(string name, string hostFactoryToken) | In policy.yml |
| Create a Conjur policy object | Policy client.Policy(string policyName) | conjur policy |
| Load policy into Conjur | policy.LoadPolicy(Stream policyContent) | conjur policy load root policy/nameOfFile.yml > nameOfFileThatWillBeGenerated |
| Instantiate a Variable object | Variable client.Variable(string name) | / |
| Check if the current client/entity has the specified privilege on this variable | Boolean variable.Check(string privilege) | / |
| Add secret to variable | void variable.AddSecret(bytes val) | conjur variable values add variableName "secretAsAString" |
| String variable.GetValue() | Return the value of the current Variable | / |
refer to for more information : https://docs.conjur.org/Latest/en/Content/Operations/Policy/policy-overview.htm \
| Topic | Relevant Policy Statements | ||||
|---|---|---|---|---|---|
| Manage Policy | Policy | Permit | Deny | ||
| Manage Users | User | Group | Grant | Revoke | |
| Manage Machines | Host | Layer | Grant | Revoke | Host-factory |
| Manage Secrets | Variable | Permit | Deny | ||
| Manage DB Records | Delete | ||||
| Special Services | Webservice | Permit | |||
Exemple of policy : https://github.com/cyberark/conjur-quickstart/blob/main/conf/policy/BotApp.yml