Conjur Supports Indicating a Client About a Change in a Secret Value #825
Comments
|
@rafis3 can you elaborate on the value of such a feature? In which use-case will a client compare the timestamps? (i'm guessing it was for the Synchronizer, do we still need this feature?) |
|
@orenbm the value for this feature, is for apps that use secrets, to know when they are changing, to understand that they need to fetch them again. The first feature, is the more basic way to achieve that. As a client, you can understand if the value has changed or if it's still the same. You could occasionally pull and filter based on the change date, to get only the secrets that their value has changed in the timeframe that interests you. The second feature, is for the more advanced clients. It will allow the client to subscribe and listen actively on changes of certain chosen resources, and then receive the new value immediately. |
|
I'd definitely +1 this feature - polling from clients is just not a scalable solution vs a push notification and this would be very useful for issues like this one. Btw, I think conjur already keeps secret version numbers in history but sadly it doesn't provide absolute order but rather a moving index :/ |
|
We similarly want this feature. This is a huge complication for us and results in architectures that are more complex and difficult. |
|
Is there support from the owners to implement, if someone else decided to work on it? Any other advice on what to do here? |
Currently, when a Conjur secret has its value changed, the only way for a client to know about it, is if it compares the current version or the current value to the previous version or value.
The solution should be composed of two capabilities:
The text was updated successfully, but these errors were encountered: