Битрикс для разработчиков
Embedded Group
Чат экстремального погром...
Qt
symfony
Ansible
Unity Engine: вопрос - от...
Nuxt.js | Vue SSR
Боты на Telegraf
Data Science Chat
Android Architecture
QA — русскоговорящее сооб...
DBA - русскоговорящее соо...
Tarantool
Unreal Engine
☁️ AWS_RU
Blender_ru: вопрос-ответ.
PostgreSQL + 1C + Linux
MongoDB Russian
Yandex Cloud - Официальны...
Git
DevsHelper
Big Data Science :: AI / ...
pro.kafka
3ds Max
1C
SwiftBook
Вокруг да около Zigbee
Android Declarative
freebsd_ru
Atlassian Community - Rus...
Чат про Fusion 360 и 3D
Substance Painter & Desig...
OctoberCMS
pro.graphon (and gamedev)
ru_gitlab
Godot Engine (Russian)
MySQL
Yii Framework 2
Data Engineers
Чат Tableau
Cinema 4D
Server Side Swift Develop...
Evolution CMS
Odoo talks & fun
Software Design/Architect...
pro.buildsystems
ErlangRus
Распознавание и синтез ре...
Compiler Development
Webpack — русскоговорящее...
embedded.rs Въевшаяся Ржа...
Yii Framework 3
pro.osdev - os developmen...
QA juniors
RUSCADASEC community: Киб...
ru_hashicorp
Kaggle
Grafana Loki
VictoriaMetrics_ru
.NET Group
Google Cloud Platform_ru
ITChat
DevSecOps - русскоговорящ...
![Netbeans [RU]](https://image.telq.org/channel_avatar_1102508152_467588515831589735_mini.jpeg){kind=avatar}
Netbeans [RU]
Привет, можете подсказать чем грозит это обновление https://www.vaultproject.io/docs/upgrading/upgrade-to-1.7.0#barrier-key-auto-rotation ? Barrier Key Auto-Rotation If your
Vault installation is at least a year old, the barrier key will be automatically rotated once, and then subsequently will be rotated per the settings in the new sys/rotate/config endpoint. This is a precaution to ensure the number of encryptions performed by the barrier key is fewer than that recommended by NIST SP 800-38D.
это значит, что я не смогу расшифровать предыдущие бекапы волта?
2 ответов
https://www.vaultproject.io/docs/internals/rotation > The rotate operation is used to change the encryption key used to protect data written to the storage backend. This key is never provided or visible to operators, who only have unseal keys. This simplifies the rotation, as it does not require the current key holders unlike the rekey operation. When rotate is triggered, a new encryption key is generated and added to a keyring. All new values written to the storage backend are encrypted with the new key. Old values written with previous encryption keys can still be decrypted since older keys are saved in the keyring. This allows key rotation to be done online, without an expensive re-encryption process.
dmitriy
Автор вопроса
упустил, спасибо. значит ничем
Похожие вопросы
Обсуждают сегодня