Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Eliminate Requirement for conjur_ssl_certificate #547

Open
kanth222 opened this issue Sep 6, 2024 · 0 comments
Open

Eliminate Requirement for conjur_ssl_certificate #547

kanth222 opened this issue Sep 6, 2024 · 0 comments

Comments

@kanth222
Copy link

kanth222 commented Sep 6, 2024

Is your feature request related to a problem? Please describe.

Yes, the current requirement for the conjur_ssl_certificate in the CyberArk Secrets Provider for Kubernetes poses a challenge for users who need to regularly rotate SSL certificates. Each time the certificate is updated, it necessitates modifying the config map and restarting the pod, which can lead to downtime and operational overhead. This is particularly cumbersome in environments where certificate rotation is a common practice, as it disrupts the deployment process and increases the risk of human error.

Describe the solution you would like

I would like to see a feature that allows the CyberArk Secrets Provider to either not require the conjur_ssl_certificate at all or to automatically populate this variable based on the provided appliance URL. This would streamline the configuration process and reduce the need for manual updates and pod restarts, thereby improving the overall user experience and operational efficiency.

Describe alternatives you have considered

One alternative could be to implement a mechanism that allows for dynamic retrieval of the SSL certificate from the CyberArk appliance itself, rather than requiring it to be stored in a config map.

Additional context

This feature would greatly enhance the usability of the CyberArk Secrets Provider in Kubernetes environments, particularly for organizations that prioritize security and compliance through regular certificate rotation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant