Conjur

Conjur is an open source secrets management platform developed under CyberArk (now acquired by Palo Alto Networks). It is designed to securely authenticate, control, and audit non-human access across tools, applications, containers, and cloud environments. The platform operates by centralizing the storage and distribution of secrets — such as credentials, API keys, and certificates — that applications and automated systems require to access critical infrastructure and sensitive resources. When an application requests access, Conjur authenticates the requestor, evaluates a security policy via Role-Based Access Control (RBAC), and then distributes the secret securely. Conjur's primary use cases include securing CI/CD pipelines by removing hard-coded secrets from DevOps toolchains, authenticating and managing secrets for containerized workloads, handling secrets in elastic and auto-scaling environments such as Kubernetes clusters, and centralizing secrets management across multi-cloud and multi-tool environments. The platform offers native integrations with widely used DevOps tools including Ansible, AWS, Jenkins, Kubernetes, OpenShift, Puppet, Terraform, and Cloud Foundry. It exposes a REST API, CLI, and SDK for programmatic access and supports a "Secretless Broker" pattern that isolates secrets entirely from application code. Conjur is available as an open source project hosted on GitHub. An enterprise upgrade path exists via CyberArk's Application Access Manager product. The project maintains a community forum and a monthly newsletter for open source users and contributors.