This lab is currently in Beta, content may be updated as we refine the material
LABBEGINNER

Policy as Code with Conjur

Author a multi-branch Conjur policy for an app and its database, load it, grant least-privilege access, and prove permit and deny behavior end to end.

45 minutes
Policy as Code with Conjur - Platform Engineering Hands-On Lab Icon

Lab Overview

This is the core Conjur 101 lab. You will author a declarative, multi-branch Conjur OSS policy that models a real workload: a "db" branch holding a database password variable and a database host, and an "app" branch holding an application host and a layer. You will load the policy into the running Conjur server, set secret values, then grant the app host least-privilege (read and execute) on ONLY the database password. Finally you will authenticate as the app host and prove the model works: the permitted secret is returned, while an un-permitted secret is denied. You will also practice loading, replacing, and updating policy safely and add a second consumer with least privilege. All work uses Conjur CLI v8 and policy YAML, never a web UI.

What You'll Learn

Author a multi-branch Conjur policy (root, db, app) in YAML

Load policy into a running Conjur server with conjur policy load

Set secret values into variables and grant least-privilege access with !permit

Authenticate as a non-admin host and prove permit and deny behavior

Choose correctly between policy load, replace, and update on a branch

Prerequisites

Completion of Lab 1 (Deploy Conjur OSS with Docker Compose) or equivalent familiarity

Conjur CLI v8 basics (init, login, list, whoami)

Basic YAML syntax

Basic understanding of RBAC concepts (roles, permissions)

Technologies Covered

conjurcyberarksecrets-managementpolicy-as-coderbacmachine-identityleast-privilegebeginner

Choose your plan

Simple, Transparent Pricing

Unlock full access to TeKanAid courses, labs, and bootcamps

Buying for a team? Private corporate training is available for up to 15 learners.View team training
MonthlyQuarterly

Pro

Course content without labs

$59/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Full access to all courses
  • Progress tracking
  • Certificate of completion
  • Community access
  • Bootcamp participation
  • New content access
Recommended

Premium

Full access with hands-on labs

$99/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Everything in Pro
  • Unlimited hands-on labs
  • Lab AI Assistant
  • Accelerator bootcamps with live office hours
  • Priority support
Get Access Now

Prefer a single course?

Purchase individual courses for a one-time fee of $79. Full access to course content, quizzes, certificates, and community features, lab access is not included.

Browse Courses

Try it free, no credit card

Three free ways to start. All bridge into the paid Premium catalog when you're ready.

▶ Start with free courses and labs🧩 Solve your first free puzzle📧 Get the free 7-day crash course

Not ready to commit? The crash course is email-only. No academy account required.

Ready to Get Started?

Start this hands-on lab and build real-world Platform Engineering skills

Get Access Now