Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

warn if removing a root key that was used for encrypting Variables #24591

Open
tgross opened this issue Dec 2, 2024 · 0 comments · May be fixed by #24766
Open

warn if removing a root key that was used for encrypting Variables #24591

tgross opened this issue Dec 2, 2024 · 0 comments · May be fixed by #24766
Assignees
@pkazmierczak
Labels
hcc/jira theme/keyring type/enhancement

Comments

@tgross
Copy link
Member

tgross commented Dec 2, 2024

The nomad operator root keyring remove command hits an RPC that checks if the key is currently active, but doesn't prevent the key from being removed if it's inactive but used to encrypt an existing Variable (or sign an existing Allocation). The GC job uses the same RPC, but has already checked that the key is not in use via the IsRootKeyInUse state store method.

We should have the Keyring.Delete RPC check the same method and return an error if the key is in use, unless a Force flag is set in the request. The GC job will always set that flag. Update the CLI to first send the request without Force and then ask the user to confirm their intent.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pkazmierczak pkazmierczak

Labels
hcc/jira theme/keyring type/enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

keyring: warn if removing a key that was used for encrypting variables hashicorp/nomad
2 participants
@pkazmierczak @tgross