-
Notifications
You must be signed in to change notification settings - Fork 4.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add the Tokenization/Rotation persistence issue as a Known Issue (#19542
) (#19558)
- Loading branch information
Showing
3 changed files
with
18 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
14 changes: 14 additions & 0 deletions
14
website/content/partials/tokenization-rotation-persistence.mdx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
### Rotation configuration persistence issue could lose Transform Tokenization key versions | ||
|
||
A rotation performed manually or via automatic time based rotation after | ||
restarting or leader change of Vault, where configuration of rotation was | ||
changed since the initial configuration of the tokenization transform can | ||
result in the loss of intermediate key versions. Tokenized values from | ||
these versions would not be decodeable. It is recommended that customers | ||
who have enabled automatic rotation disable it, and other customers avoid | ||
key rotation until the upcoming fix. | ||
|
||
#### Affected Versions | ||
|
||
This issue affects Vault Enterprise with ADP versions 1.10.x and higher. A | ||
fix will be released in Vault 1.11.9, 1.12.5, and 1.13.1. |