CyberArk CCP provider for Summon.
**Limitation: This provider does not support client certificate authentication using CCP, this feature will be added.
Pre-built binaries and packages are available from GitHub releases here.
Currently not supported
Currently not supported
Currently not supported
Otherwise, download the latest release and extract it to the directory /usr/local/lib/summon.
Give summon-provider-ccp a variable name and it will fetch it for you and print the value to stdout.
$ summon-provider-ccp "AppID=myApplication&Safe=appSafe&Object=the-identifying-name-of-the-object/Password"
my-application-passwordUsage of summon-provider-ccp:
-h, --help
show help (default: false)
-v, --verbose
be verbose (default: false)
Summon is a command-line tool that reads a file in secrets.yml format and injects secrets as environment variables into any process. Once the process exits, the secrets are gone.
Example
As an example let's use the env command:
Following installation, define your keys in a secrets.yml file
AWS_ACCESS_KEY_ID: !var AppID=myApplication&Safe=appSafe&Object=my-app-aws-access-key/AWSAccessKeyID
AWS_SECRET_ACCESS_KEY: !var AppID=myApplication&Safe=appSafe&Object=my-app-aws-access-key/ContentBy default, summon will look for secrets.yml in the directory it is called from and export the secret values to the environment of the command it wraps.
Wrap the env in summon:
$ summon --provider summon-provider-ccp env
...
AWS_ACCESS_KEY_ID=AKIAJS34242K1123J3K43
AWS_SECRET_ACCESS_KEY=A23MSKSKSJASHDIWM
...summon resolves the entries in secrets.yml with the conjur provider and makes the secret values available to the environment of the command env.
- Set the Environment Variable:
CYBERARK_CCP_URL: The url to the CCP server