Sign Up Schedule a Demo Login

AKEYLESS Blog

Better Protect Your Ansible Secrets and Privileged Access

A growing number of organizations are counting on Ansible for their configuration management. In order to operate Ansible, you need a multitude of permissions on target machines, such as SSH keys and passwords – highly sensitive information that needs trustworthy protection.

The Winner Takes It All

For this exact reason, configuration management tools, such as Ansible, have become an attack target as gatekeepers and aggregators of access and permissions to your workload environments; an especially lucrative target presenting a winner-takes-it-all prize.

 

Two Examples of Ansible Vulnerabilities

1.

The privileged Ansible admin access is vulnerable since it is not managed in a centralized way – a risky, error-prone management methodology that lacks permissions’ audit, monitoring and control – when someone leaves the organization their privileged access remains intact and vulnerable.

2.

Ansible, by default, keeps its encryption keys on its servers – already exposed. But there’s more. When a Secret is needed by the Clients it is sent by the Server encrypted. But, once the Secret reaches the Client it is saved in plaintext, leaving it completely vulnerable.

 

Use Akeyless to Better Protect Your Ansible Secrets, Identities, and Access

 

Akeyless’s Secrets management platform adds complete protection to your Ansible Secrets by providing two extra layers of security:

1. Secrets Management

  • Encrypting Secrets using decentralized encryption Key fragments (Akeyless DFC technology)
  • Segregation of Clients between different Ansible Playbooks and their Secrets

2. Privileged Access Management

  • Using short-lived temporary access
  • Easy to use and manage access with SSO

Benefits

  • Seamless onboarding
  • Unified, automated Secrets provisioning to all your DevOps platforms
  • Zero Trust encryption for all your Secrets
  • Simplified compliance with industry regulations as ISO 2700X, HIPAA, FIPS, SOC2 and more

 

 

Akeyless automated, centralized secrets management relieves you of the hassle associated with secrets management while protecting your secrets with zero trust encryption.

 

Recent Posts

March 27, 2020

AKEYLESS Wins Next Gen Secrets Management Award

May 04, 2020

Integrate Secrets Management into DevOps Workflow

May 04, 2020

Secrets Management for DevOps:
Best Practices

May 17, 2020

Eliminating SSH Keys is Possible

May 31, 2020

Secrets Management “Done Right” Improves Your DevOps KPIs

June 22, 2020

Just-in-time Access Done Right

July 22, 2020

An Absolute AppSec Episode with AKEYLESS

August 03, 2020

Better Protect Your Kubernetes Secrets and Privileged Access

August 16, 2020

Better Protect Your Ansible Secrets and Privileged Access

September 23, 2020

Using Akeyless Vault to Enable Zero Trust – Secure Access

AKEYLESS named Double Winner
in Cyber Defense Magazine
InfoSec Awards 2020!

Market Leader
Keys Management and Protection
Next Gen
Secrets Management and Protection
Learn About Our Solution