Secret Rotation Procedure

Craig Yu edited this page Feb 7, 2024 · 2 revisions

Description

The purpose of this procedure is to periodically rotate (change) secrets like passwords and certificates as a security best practice.

It is recommended, when supported by technology, to use automatic secret rotation and thus avoid the need for manual rotation on a periodic basis. There still needs to be a way to trigger the automatic rotation on-demand, or do it manually.

Trigger: the policy defines when this procedure should be initiated - either periodically, or on-demand.

Outcome: a secret value is changed and SPAR (new) continues to function properly.

Approaches

There are two essential approaches to secret rotation:

  1. The 'standard' approach results in an application outage. The following steps need to be done in a single change window to minimize the outage duration.

    a. Disable the application functionality that relies on the secret. Alternatively, one may choose to accept the risk of failed end-user transactions during the period of the secret being changed.

    b. Change the secret.

    c. Update the secret value in the application configuration and ensure it is applied. This may, for example, require a redeploy or restart for the application to pick up the new configuration.

    d. Restart the application functionality (if any) shut down in step a.

  2. To avoid any application outage, use the following approach. It requires a pair of secrets (one in use, one not in use), but in return the steps can be done at different points in time.

    a. Create a new secret (e.g. a new certificate), or change the secret (e.g. password for a 2nd account).

    b. Update the application configuration to use the new secret / account. If necessary, redeploy or restart to have the application pick up the new configuration. This can be done at a later time than step a, e.g. after business hours or as part of the regular release.

    c. Either retire the old secret/account, or keep it for the next rotation. The specifics for rotating a particular secret will vary and are documented as part of our repository.
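As an added illustration of approach 2 (not part of this wiki page or the SPAR code base), the following Python sketch models the dual-account variant: a constructed in-memory backend stands in for the system that validates the secret, and the application holds a pair of accounts of which exactly one is active. The names Backend, SecretPair, svc_a and svc_b are assumptions for the example; step b also checks that the new secret actually works before switching, so a failed step a cannot turn into an outage.

```python
import secrets

class Backend:
    """Constructed stand-in for the system checking the secret, e.g. a DB with 2 accounts."""

    def __init__(self):
        self.accounts = {}  # account name -> current password

    def authenticate(self, account, password):
        stored = self.accounts.get(account)
        return stored is not None and secrets.compare_digest(stored, password)

class SecretPair:
    """Application side of approach 2: a pair of accounts, exactly one in use."""

    def __init__(self, backend, names=("svc_a", "svc_b")):
        self.backend = backend
        self.passwords = {n: secrets.token_urlsafe(32) for n in names}
        backend.accounts.update(self.passwords)
        self.active, self.standby = names

    def app_call(self):
        """What the running application does: authenticate as the active account."""
        return self.backend.authenticate(self.active, self.passwords[self.active])

    def step_a_rotate_standby(self):
        """Step a: change the password of the account NOT in use; the app is unaffected."""
        new_pw = secrets.token_urlsafe(32)
        self.backend.accounts[self.standby] = self.passwords[self.standby] = new_pw

    def step_b_switch(self):
        """Step b: switch config to the standby account only after proving its secret works."""
        if not self.backend.authenticate(self.standby, self.passwords[self.standby]):
            raise RuntimeError("new secret does not authenticate; not switching")
        self.active, self.standby = self.standby, self.active

    def step_c_retire_old(self, retire=True):
        """Step c: retire the old account's secret, or keep it for the next rotation."""
        if retire:
            self.backend.accounts.pop(self.standby, None)
            self.passwords.pop(self.standby, None)

def rotate(pair, retire=True):
    """Run steps a-c, recording after each whether the app still works (no outage)."""
    results = []
    for step in (pair.step_a_rotate_standby, pair.step_b_switch,
                 lambda: pair.step_c_retire_old(retire)):
        step()
        results.append(pair.app_call())
    return results
```

Running rotate() twice, once retiring the old account and once keeping it as standby, shows the application authenticating successfully after every step in both variants.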