Conjur CLI Setup

The Conjur CLI implements the Conjur REST API, providing an alternate interface for managing Conjur resources, including roles, privileges, policy, and secrets.

Start the Conjur CLI

You can start the Conjur CLI either as a Docker container or as a Ruby gem.

Docker container

The following command starts a highly secure ephemeral container for the CLI based on the latest pulled DockerHub image.

  
$ docker run --rm -it --name conjur-client --link <container-name> cyberark/conjur-cli:5

Variable

Description
<container-name>

If local, use the name of the Conjur Server.

If you are running the Conjur CLI on a separate machine the --link argument is not required.

To understand how to persist identity data so that subsequent sessions are quicker to start up, see the CLI readme.

Ruby Gem

If you have a Ruby environment, you may choose to install the Ruby gem. See the CLI readme.

Initialize the Conjur CLI

Enter the following command at the bash prompt:

  
conjur init --url <conjur-appliance-hostname> --account <organizational-account>

 

Variable

Description
<conjur-appliance-hostname>

The URL of the Conjur Server in the following format https://<host-name>.

<organizational-account>

The organizational account assigned to this Conjur Server during configuration.

Authenticate to the client

  1. Enter the following command at the bash prompt:

      
    conjur authn login <user-name>

    Variable

    Description
    <user-name>

    A valid Conjur username. You can use the built-in admin user.

  2. Enter the user password when prompted.

  3. For a list of valid commands, enter

      
    conjur --help

    or, see the Conjur CLI Reference.