AuthJanitor icon indicating copy to clipboard operation
AuthJanitor copied to clipboard
verified publisher icon microsoft

Downtime Predictor icon

Open anthturner opened this issue 5 years ago • 1 comments

Based on the features of the Providers in a Managed Secret, we can tell whether that rekeying can be performed with or without downtime.

That is, all ALCs need to support the 3-phase workflow of BeforeRekeying, CommitNewSecrets and AfterRekeying . All RKOs need to support the GetSecretToUseDuringRekeying method.

If all of the above is true, we can (theoretically) perform a zero-downtime rotation, and we should distinguish that in some way on the UI.

anthturner avatar May 14 '20 19:05 anthturner

This now just needs to be done in the UI; Providers now have self-awareness as to whether they can accomplish their actions without downtime.

anthturner avatar May 28 '20 15:05 anthturner