Uploaded image for project: 'OpenShift API Server'
  1. OpenShift API Server
  2. API-1825 Document feasibility of KMS on OCP
  3. API-1696

What happens when KMS becomes unavailable and the DEK is not in cache

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • None
    • False
    • Hide

      None

      Show
      None
    • False
    • None
    • None
    • None
    • None
    • None

      Simulate a scenario where the KMS is unavailable and the kube-apiserver has been rolled-out and the DEK that was decrypted in its cache is not there anymore.

      Is there any degradation?
      How is the information surfaced to the user?

              Unassigned Unassigned
              dgrisonn@redhat.com Damien Grisonnet
              None
              None
              None
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: