Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support Revocation within Collection #31

Open
cdmadrigal opened this issue May 12, 2023 · 0 comments
Open

Support Revocation within Collection #31

cdmadrigal opened this issue May 12, 2023 · 0 comments
Labels
enhancement New feature or request

Comments

@cdmadrigal
Copy link
Contributor

cdmadrigal commented May 12, 2023
edited
Loading

BUSINESS PROBLEM
Today when you delete and/or remove a certificate with the Ansible collection, the certificate is removed from the target system but not revoked and/or soft deleted. The requires Venafi admins to perform a separate action to either revoke or place the certificate within the recycling bin, rather than it being within the same process.

PROPOSED SOLUTION
Enhance the collection to support a revocation and/or soft delete flag. This would be optional, and the action would only occur if the flag is defined. It should not be default behavior.

Example:
Set soft_delete flag to 'true'. This would move the certificate to the recycling bin and disable it when the ansible playbook is run. This would most likely be paired with a delete action on the target system.

CURRENT ALTERNATIVES
Manually revoke certificates via the Trust Protection Platform. This is an out of band process and creates more works for our Venafi admins.
@cdmadrigal cdmadrigal added the enhancement New feature or request label May 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@cdmadrigal