Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE REQ] [Key Vault] Add configuration flag to delegate all cryptographic operations to service #40036

Open
2 tasks done
vcolin7 opened this issue May 3, 2024 · 0 comments · May be fixed by #40384
Open
2 tasks done

[FEATURE REQ] [Key Vault] Add configuration flag to delegate all cryptographic operations to service #40036

vcolin7 opened this issue May 3, 2024 · 0 comments · May be fixed by #40384
Assignees
@vcolin7
Labels
Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved. KeyVault
Milestone
2024-06

Comments

@vcolin7
Copy link
Member

vcolin7 commented May 3, 2024

Is your feature request related to a problem? Please describe.
From @sfc-gh-bschmidt:

[The CryptographyClient] doesn't allow us to configure [it] to not even try retrieving the local key. Using a version without support for completely disabling the local key retrieval would cause the following regressions for us:

  • We're using the key vault library to access a large number of customer managed keys. The cryptography clients are very short-lived. Trying the retrieval of the local key even once per client instance will introduce significant additional overhead and latency.

  • For each client creation with a customer managed key, customers will suddenly start seeing a denied Get operation in their access logs.

Describe the solution you'd like

[...] add support for configuring CryptographyClientBuilder to disable the local client completely

Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

  • Description Added
  • Expected solution specified
@vcolin7 vcolin7 added KeyVault Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved. labels May 3, 2024
@vcolin7 vcolin7 added this to the 2024-06 milestone May 3, 2024
@vcolin7 vcolin7 self-assigned this May 3, 2024
@vcolin7 vcolin7 linked a pull request May 29, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vcolin7 vcolin7

Labels
Client This issue points to a problem in the data-plane of the library. feature-request This issue requires a new behavior in the product in order be resolved. KeyVault
Projects
Azure SDK for Key Vault
Status: Todo
Milestone
2024-06
1 participant
@vcolin7