Approval by Quorum

The last step before executing an authorized operation is, as needed, soliciting its approval from the other users that are authorized to provide approval. The Approval by Quorum feature enables an organization to assure that the execution of a sensitive operation must be approved by a certain number of quorum members.

Quorum member
- A user with the SOClosedSecurity officer - UKC partition administrator role. role.
- A user who is a member of a user group that lists the SOClosedSecurity officer - UKC partition administrator role. role among the roles assigned to its users. See User Group.
Sensitive operation
- An operation that is declared as the one that requires quorum approval before it is executed.
- For the list of the eligible or mandatory operations that require quorum approval, see Operations Protected by Quorum.

To enable this feature:

  • Make sure that the number of approving members in the partition is more than one.
  • Set the Quorum Size and Expiration. The quorum size must be higher than 1 and lower than the current number of the approving members.

Notes:
1. Currently, the Approval by Quorum feature can't be enabled on the inherited partition or on a partition that supports certificate propagation.
2. Operation that requires quorum approval must be initiated by the quorum member.

Quorum Settings

A partition quorum settings are managed among the other CORE partition settings. Once the feature is enabled, the quorum settings apply to all sensitive operations.

Quorum Size and Expiration

The required quorum size and its validity period are attached to the required operation at the outset of the request. Subsequent changes to these settings do not impact the currently active requests.

Quorum size specifies the minimum number of approving members that are required to authorize the execution of a sensitive operation.

The quorum size can't exceed the number of approving members. In particular, DO NOT delete or discharge an approving member of its duties if such action might violate this rule. As needed, lower the quorum size before this action.

Quorum expiration specifies the number of days that the quorum approval request remains effective. It is attached to the required operation at the outset of the request. Subsequent changes to the quorum expiration do not impact it.

Operations Protected by Quorum

Once the approval by quorum feature is enabled, the following operations automatically require the quorum approval. Approval of these operations is mandatory and cannot be changed.

The following operations may be enabled to demand quorum approval in standard partition:

In the root partition, you can also protect the following:

    Cluster Management
    Add/Delete a server pair or triplet
    Add/Delete an auxiliary server

Quorum Approval Flow

Execution Flow

  • The execution of the quorum-protected operation (once confirmed for its validity) is preempted and put on hold.
  • Execution flow of a command controlled by SO quorum

    The originator of the operation receives confirmation:

    • In UI: A pop-up confirmation showing the number of the required approvals.
    • In CLIClosedCommand Line Interface: Quorum transaction pending: <transaction ID> need total of <approvals>

    To check the approval status, click Quorum Settings.

    Authorize Tab

    The Authorize Tab appears in partitions that activated the Quorum feature. A click on the tab opens Authorization Center that provides a means to track approval statuses, execute an approved operation, or cancel the pending. The Authorization Center provides the following services:

    • My Requests - to show the status of the requests initiated by you.
    • For Approval - to show the requests issued by other members, and not yet approved by you.

    My Requests

    To examine the status of operations initiated by you, click My Requests. The list of quorum-controlled operations initiated by you appears.

    The list presents the operations originated by you and their approval status:

    • Ready for execution.
    • Needs <N> approvals.
    • Executed <successfully | not successfully>.

    To get additional information, hover with the mouse over the operation and click. The data shows the required action and its initiator, the approval status, the list of members that already approved it, and additional info. For example:

    Quorum request status

    The page also presents two options regarding the selected operation:

    • Execute
    • An executed operation is removed from the other member "For Approval" lists.

      Nonetheless, execution may fail due to one of the following reasons:

      • The request has expired.
      • Conditions that allowed the operation during its initiation have since changed.

      In such a case, examine the cause of the failure, delete the operation, and, if needed, re-issue it.

    • Delete
    • The deleted operation is erased from the Authorization Center records.

    For Approval

    To inspect and approve operations pending the quorum approval, click the For Approval tab.
    → appear operations pending your approval.

    Each row in the list presents the operation that may be inspected by clicking on it, the initiator, its age, and the number of the missing approvals

    You may approve or, in the case that the originator has been discharged from the quorum - delete it.