You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Trousseau to migrate from one KMS provider to another
-->Why do we want to build it?
Chaning KMS is not a common operation but if it happens it should done in a smooth and secure way.
As Trousseau is the broker between the k8s api manager and the KMS, it should help in replacing the secrets encrypted with the old KMS with the new KMS.
-->How do we want to design it?
#103 will provide the ability to run contiguous KMS provider plugin in sidecars
This will help to perform a replace transaction in a secure and transparent way.
A safe switch might need to be thought of to handle this migration with a human validation.
The text was updated successfully, but these errors were encountered:
-->Is it linked to a user story? (use the "#" to tag the user story)
#50 - Result of Design meeting held on June 9th 2022 with @cvlc @mhmxs @vfiftyfive @rovandep
-->What do we want to build?
Trousseau to migrate from one KMS provider to another
-->Why do we want to build it?
Chaning KMS is not a common operation but if it happens it should done in a smooth and secure way.
As Trousseau is the broker between the k8s api manager and the KMS, it should help in replacing the secrets encrypted with the old KMS with the new KMS.
-->How do we want to design it?
#103 will provide the ability to run contiguous KMS provider plugin in sidecars
This will help to perform a replace transaction in a secure and transparent way.
A safe switch might need to be thought of to handle this migration with a human validation.
The text was updated successfully, but these errors were encountered: