Skip to content

Secret Rotation Management

Many of the OSDU services use secret information, things like Oauth client credentials, cloud-specific items such as Redis keys, or airflow credentials.

One of the key advantages of using secrets is that they can be rotated to make it more difficult for attackers to leverage any secrets that may get compromised.

There is no current capability within OSDU for handling secrets rotation. We need the ability to consume secret rotation events across our services.

This could potentially be used in conjunction with the new Secrets service here: #75 (closed)

This is an exploratory issue to see what info we already have or what plans are already in place to address this.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information