The last step before executing an authorized operation is, as needed, soliciting its approval from the other users that are authorized to provide approval. The Approval by Quorum feature enables an organization to assure that the execution of a sensitive operation must be approved by a certain number of quorum members.
- Quorum member
- - A user with the SOSecurity officer - UKC partition administrator role. role.
- - A user who is a member of a user group that lists the SOSecurity officer - UKC partition administrator role. role among the roles assigned to its users. See User Group.
- Sensitive operation
- - An operation that is declared as the one that requires quorum approval before it is executed.
- - For the list of the eligible or mandatory operations that require quorum approval, see Operations Protected by Quorum.
To enable this feature:
- Make sure that the number of approving members in the partition is more than one.
- Set the Quorum Size and Expiration. The quorum size must be higher than 1 and lower than the current number of the approving members.
1. Currently, the Approval by Quorum feature can't be enabled on the inherited partition or on a partition that supports certificate propagation.
2. Operation that requires quorum approval must be initiated by the quorum member.
A partition quorum settings are managed among the other CORE partition settings. Once the feature is enabled, the quorum settings apply to all sensitive operations.
The required quorum size and its validity period are attached to the required operation at the outset of the request. Subsequent changes to these settings do not impact the currently active requests.
Quorum size specifies the minimum number of approving members that are required to authorize the execution of a sensitive operation.
The quorum size can't exceed the number of approving members. In particular, DO NOT delete or discharge an approving member of its duties if such action might violate this rule. As needed, lower the quorum size before this action.
Quorum expiration specifies the number of days that the quorum approval request remains effective. It is attached to the required operation at the outset of the request. Subsequent changes to the quorum expiration do not impact it.
Once the approval by quorum feature is enabled, the following operations automatically require the quorum approval. Approval of these operations is mandatory and cannot be changed.
- Management of users with the SOSecurity officer - UKC partition administrator role. role
- Management of User Groups
- Management of Quorum Settings
- Change quorum size
- Add or Delete a sensitive operation
The following operations may be enabled to demand quorum approval in standard partition:
- Partition Configuration Change
- Modify the partition settings
- Key, Secret, and Certificate management
- Generate or Import key or secret
- Modify secret
- Export key
- Enable and Disable
- CRUDSet of Create, Read, Update and Delete operations. operations for:
- Refreshing ACActivation Code
- External Key Store
- External Key
In the root partition, you can also protect the following:
- Cluster Management
- Add/Delete a server pair or triplet
- Add/Delete an auxiliary server
The originator of the operation receives confirmation:
- In UI: A pop-up confirmation showing the number of the required approvals.
- In CLICommand Line Interface: Quorum transaction pending: <transaction ID> need total of <approvals>
To check the approval status, click Quorum Settings.
The Authorize Tab appears in partitions that activated the Quorum feature. A click on the tab opens Authorization Center that provides a means to track approval statuses, execute an approved operation, or cancel the pending. The Authorization Center provides the following services:
- My Requests - to show the status of the requests initiated by you.
- For Approval - to show the requests issued by other members, and not yet approved by you.
To examine the status of operations initiated by you, click My Requests. The list of quorum-controlled operations initiated by you appears.
The list presents the operations originated by you and their approval status:
- Ready for execution.
- Needs <N> approvals.
- Executed <successfully | not successfully>.
To get additional information, hover with the mouse over the operation and click. The data shows the required action and its initiator, the approval status, the list of members that already approved it, and additional info. For example:
The page also presents two options regarding the selected operation:
- The request has expired.
- Conditions that allowed the operation during its initiation have since changed.
An executed operation is removed from the other member "For Approval" lists.
Nonetheless, execution may fail due to one of the following reasons:
In such a case, examine the cause of the failure, delete the operation, and, if needed, re-issue it.
The deleted operation is erased from the Authorization Center records.
To inspect and approve operations pending the quorum approval, click the For Approval tab.
→ appear operations pending your approval.
Each row in the list presents the operation that may be inspected by clicking on it, the initiator, its age, and the number of the missing approvals
You may approve or, in the case that the originator has been discharged from the quorum - delete it.