What kinds of delays are people seeing in the real world for the Conjur-Vault synchronizer? Are there any “guarantees” on maximum time?
Anyone tried lowering SYNC_INTERVAL_TIME from the default 300s?
We want to roll out rotation for nearly every secret, but it’s going to be really annoying if we have to tell internal users “it could take up to 5-10 minutes to get the new password synced”. Assuming password changes every 90 days, that’s a reduction in uptime to 99.995% (four and a half nines).
There’s dual accounts of course, but it’s annoying to create two copies of every secret and doubles the work needed. Plus it’s clunky in PVWA and requires some end user training.
We’re also curious if this might go up over time as we approach the per-LOB limit.