We all know that secrets vaulted in CyberArk are synced to Conjur and can be retrieved from Conjur by workloads. But if we store any secret directly in Conjur(without storing it in CyberArk), how can we review who is having access to that particular secret in Conjur ? Also is it recommended?
Are you using the user interface or the CLI. The user interface can show you permissions.
Hope this help. Rob
Thank you Rob, it helps. Just curious - are the secrets vaulted ONLY in Conjur are synced to CyberArk vault?
are the secrets vaulted ONLY in Conjur are synced to CyberArk vault
This forum is exclusively for Conjur and other open source projects. For Vault Synchronizer, please reach out to technical support. You can also try the CyberArk subreddit for community support.
The currently supported CyberArk synchronization is one way. This direction is from CyberArk PAM (via the Vault Synchronizer), to the Conjur Enterprise Leader (and then replicated to the standbys and followers accordingly). If you would like to synchronize secrets from Conjur Enterprise, back up to CyberArk PAM, you may have to find your own way to do this.
Hope this helps!