This week CyberArk has released a new release of Conjur that has reached the 13.1 version release. The Conjur appliance 13.1 has some important updates under the hood: the image container is based on Ubuntu 22.04.3 LTS (previously was based on Ubuntu 18.04.6LTS), PostgreSQL is now 15.4 (previously 10.23) and etcd has now riched the version 3.5.9 (previously was 3.5.7).
I'm personally excited about the big jump ahead of the PostgreSQL, which should dramatically improve the performance and resilience of the Conjur Followers and improve the communication with the Conjur leader, in the case of a failure.
This release includes, as usual, a good bunch of fixes and new features, I'll put below my preferred 3 features, to read the complete list, read this page.
Conjur Enterprise data sovereignty support
This feature is exciting because it allows the admin to define secret segregation based on follower identity and permits to not synchronize all secrets with all followers. With this release, this new functionality introduced with 13.0 is now expanded to all conjur follower types, Kubernetes Followers, and appliance followers. To read more about this, read this page.
OIDC authenticator supports custom CA certificates
Conjur now supports also custom self-signed certificates for OIDC and permits to import all the CA chain. This is useful because adds more flexibility to the customers who need this authenticator. To read more about it, read this page.
Enhanced CyberArk Vault Synchronizer
CyberArk has added more configuration flexibility to the Vault Synchronizer, because now a synchronizer could sync different safes with a single Vault to a single Conjur cluster. Also, the proxy support for the communication with CyberArk Vault and Conjur has been added. To read more about it, please read this page.
System requirements have been updated so take a look at the system requirements.
Based on our experience with previous releases, a recommendation is to stay larger with the storage, in case of an environment with many Kubernetes clusters.
Our advice to every Conjur customer is to plan and perform the update!
There are no breaking changes with previous releases, and the bug fixes with new features make the 13.1 an interesting release!
SIGHUP is an official Cyberark partner with years of hands-on experience in enterprise-grade and mission-critical environments, leading us to become an international Conjur and DevSecOps Centre of Excellence.