filmov
tv
CyberArk-Ansible end to end demo - 1: Secure Privilege Access (static servers)
Показать описание
[ The Story ]
The company is going to launch a new website.
An operator needs to update the DNS records so that the users will be redirected to a nice under-construction website.
In order to provide centralized management & logging in Ansible Tower, this operator is allowed to update playbooks and can only execute them via Ansible Tower (i.e. cannot run the playbook directly using command line interface)
CyberArk is used to secure the whole progress.
[ Use Case 1- Secure Privilege Access (static servers) ]
1. User authenticates to PVWA
2. OS credentials (passwords & SSH) are securely stored in Vault server
3. EPV / SSHKM automatically rotates the credentials
4. User access the target machines via PSM without knowing the credentials 5. PSM/OPM can enforce command-filtering
The company is going to launch a new website.
An operator needs to update the DNS records so that the users will be redirected to a nice under-construction website.
In order to provide centralized management & logging in Ansible Tower, this operator is allowed to update playbooks and can only execute them via Ansible Tower (i.e. cannot run the playbook directly using command line interface)
CyberArk is used to secure the whole progress.
[ Use Case 1- Secure Privilege Access (static servers) ]
1. User authenticates to PVWA
2. OS credentials (passwords & SSH) are securely stored in Vault server
3. EPV / SSHKM automatically rotates the credentials
4. User access the target machines via PSM without knowing the credentials 5. PSM/OPM can enforce command-filtering
0:02:45
0:04:13
0:03:33
0:02:34
0:14:54
0:10:20
0:04:48
0:35:19
0:00:30
0:01:58
0:12:24
0:17:07
0:00:46
0:05:57
0:19:58
0:03:49
0:03:40
0:51:47
0:26:01
0:38:36
0:08:06
0:52:15
0:00:42
0:02:16