generated from coulomb/repo-seed
44 lines
1.1 KiB
Markdown
44 lines
1.1 KiB
Markdown
# Pattern: Short-lived Credentials
|
|
|
|
Status: reviewed
|
|
Readiness target: RL3 production
|
|
Primary owners: NetKingdom, Railiance platform, flex-auth
|
|
Genesis family: Secrets and cryptography
|
|
|
|
## Problem
|
|
|
|
Static credentials remain useful after compromise and are difficult to
|
|
inventory, rotate, and scope.
|
|
|
|
## Context
|
|
|
|
Use this pattern for object storage, SSH, API tokens, database access,
|
|
workload secrets, and operator elevation.
|
|
|
|
## Forces
|
|
|
|
- Consumers need stable integration contracts.
|
|
- Backends differ in session or lease support.
|
|
- Refresh and expiration behavior must be tested.
|
|
- Audit must link issuance to actor, tenant, resource, and purpose.
|
|
|
|
## Solution
|
|
|
|
Prefer credentials with explicit TTL, scope, lease metadata, and
|
|
revocation path. Normalize issuance through identity, authorization,
|
|
and brokered secret authority.
|
|
|
|
## Verification
|
|
|
|
- Credentials include scope, expiry, and owner metadata.
|
|
- Consumers refresh before expiration.
|
|
- Expired credentials are rejected by backends.
|
|
- Issuance and revocation are auditable.
|
|
|
|
## Related Patterns
|
|
|
|
- STS Credential Vending.
|
|
- Dynamic Secrets.
|
|
- Short-Lived SSH Certificates.
|
|
- Time-boxed Privilege Elevation.
|