Which statement is correct about CPM behavior in a distributed Vault environment?
Which statement is correct about CPM behavior in a distributed Vault environment?
CPMs should only access the primary Vault. When it is unavailable, CPM cannot access any Vault until another Vault is promoted as the new primary Vault. This behavior ensures data consistency and prevents split-brain scenarios in a distributed environment, maintaining a single source of truth for data management.
In a Distributed Vaults environment, CPMs can only access the Primary Vault, which is the single source of data. When the Primary Vault is unavailable, CPM cannot access any Vault until another Vault has been promoted as the new Primary Vault. https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/Latest/en/Content/PAS%20INST/Distributed-Vaults-Components-Features.htm#CPM
https://docs.cyberark.com/PAS/11.3/en/Content/PAS%20INST/Installing-CPM-in-Distributed-Vault-Environment.htm
The answer A. is stated directly in the documentation. This is to prevent the potential for split brain scenarios. https://docs.cyberark.com/PAS/Latest/en/Content/PAS%20INST/Distributed-Vaults-Components-Features.htm#CPM:~:text=the%20target%20machine.-,CPM,-In%20a%20Distributed