cyberark / conjur-oss-helm-chart

Helm chart for deploying Conjur OSS to Kubernetes
Apache License 2.0

Conjur Helm Chart supports configuring Conjur with TLS #11

Closed jvanderhoof closed 5 years ago

jvanderhoof commented 5 years ago

As a Conjur operator, I want to be able to configure OS Conjur to support TLS, so that I can use authn-k8s, which requires mTLS.

GIVEN a Kubernetes environment
WHEN I deploy OS Conjur using the Helm chart
THEN Conjur is configured with nginx to support TLS

mTLS is needed to support authn-k8s authentication within the same cluster between the Conjur OSS (master) instance and clients (conjur-authn-k8s-client) sidecar or init container using service accounts.

Estimate: 2 weeks
Confidence: low

sgnn7 commented 5 years ago

More info: "it's a single instance of OSS that can communicate with a k8s authn client deployed to a pod"

Expectation (from the info we have right now) is that this mTLS is intra-cluster rather than the larger inter-cluster setup.

sgnn7 commented 5 years ago

Finally can get back to this. I will be trying to implement something like https://github.com/conjurinc/openshift-conjur-oss-deploy or https://github.com/conjurinc/container-appliance in the helm chart to move us forward with internal mTLS.

The story size is definitely not 2 days so I will update the estimate as well.

CC: @garkler