You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the tidy operation in AppRole is running with many dangling accessors, it locks all the secret ID locks which prevents secret ids from being created. Depending on how long the tidy operation takes, this can cause an outage.
We should look at a way to either only lock when making modifications or possibly remove the locks in a safe way to allow for secret creation without potentially deleting the accessor.
The text was updated successfully, but these errors were encountered:
When the tidy operation in AppRole is running with many dangling accessors, it locks all the secret ID locks which prevents secret ids from being created. Depending on how long the tidy operation takes, this can cause an outage.
The locks in question can be found here:
https://github.com/hashicorp/vault/blob/master/builtin/credential/approle/path_tidy_user_id.go#L168-L171
We should look at a way to either only lock when making modifications or possibly remove the locks in a safe way to allow for secret creation without potentially deleting the accessor.
The text was updated successfully, but these errors were encountered: