Hitting maximum service user creates an orphan ACL #2412
Labels
Backend
Backend tasks
Milestone
Comments
9 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What happened?
When approving an ACL request that had a new service user, the ACL request was denied because we reached the service account limit in that Aiven project.
After deleting some service users to be able to create new ones again the request still fails when accepting it.
Klaw first created the ACL on the Aiven side and then tried to create the service user, which failed because of the limit.
The problem is now, that the ACL on Aiven side was not deleted when the service user creation failed.
Therefore manual intervention to delete the ACL is required, before being able to accept the ACL request in Klaw.
What did you expect to happen?
On the second attempted approval:
Klaw should see the ACL is already created and perform a no-op on the acl creation and just create the service user.
OR
On the initial failure Klaw should remove the resources it created prior to the failure point.
What else do we need to know?
Reproduceable in Klaw 2.8.0
The text was updated successfully, but these errors were encountered: