Secret Management
Set up secret management templates.
Module directories:
- •
secret_manager_github_pat/— GitHub PAT dispenser via GitHub Apps - •
secret-manager-cyberark-conjur/— CyberArk Conjur integration
$ARGUMENTS
Module Options
GitHub PAT Secret Manager (secret_manager_github_pat)
Creates a step template that generates temporary GitHub Personal Access Tokens via GitHub Apps. Enables commit/push operations in CI pipelines without long-lived tokens.
- •Inputs: organization_id (optional), project_id (optional), github_api_url, template_version
- •Level: Account, org, or project
CyberArk Conjur (secret-manager-cyberark-conjur)
Creates a step template for retrieving secrets from CyberArk Conjur vault.
- •Inputs: organization_id (optional), project_id (optional), template_name, template_version
- •Level: Account, org, or project
Conversation Flow
- •
"Which secret manager do you need?"
- •GitHub PAT dispenser — for CI pipelines that need to push code
- •CyberArk Conjur — for enterprise vault integration
- •Both
- •
"Where should the template be deployed?" (account / org / project level)
- •
For GitHub PAT: "What's your GitHub API URL?" (default: api.github.com)
- •
For CyberArk Conjur: "What should the template be named?" (default: "CyberArk Conjur")
- •
Generate tfvars, init, plan, confirm, apply for each selected module.
Prerequisites
- •None strictly required (can deploy at any level)