Quorum Authorize Tab

The Approval by Quorum feature enables an organization that uses the CORE partition(s) to specify operations that must be approved by a quorum of entitled users. See Commands Protected by Quorum.

To participate in the quorum approval process, a user must have SOClosedSecurity officer - UKC partition administrator role. privileges assigned to it directly by its SOClosedSecurity officer - UKC partition administrator role. role or indirectly by membership in a user group that grants to its members the SOClosedSecurity officer - UKC partition administrator role. role.

Note
In this section, we use term SOClosedSecurity officer - UKC partition administrator role. to indicate a user with the SOClosedSecurity officer - UKC partition administrator role. privileges.

Quorum Basics

CORE quorum properties:

  • Execution of a quorum-protected operation:
    • Only SOs can initiate a quorum-protected operation.
    • The initiator of an operation is counted as the first approver.
    • The initiator must explicitly launch the operation once the quorum approves it.
  • To enable the quorum-based approval in a partition, modify the partition configuration by setting the Quorum Size to 2 and above (up to the number of the partition SOs).
  • To disable the quorum-based approval, set the quorum size to 1, and wait for the quorum to approve it.

The Authorize Tab provides a means to track approval statuses, finalize or cancel an approval-pending operation.

Execution Flow

  • The execution of the quorum-protected operation (once confirmed for its validity) is preempted and put on hold awaiting for the quorum approval.

      • Command approval flow

    The originator of the operation receives confirmation:

    Quorum transaction pending: 74263c21-0351-4df2-87f3-ec326f867e82 need total of 2

    To check the approval status, use Authorize Tab.

    Important
    Operation approval parameters are set at the initiation of the operation. Changes in the quorum settings do not affect an operation already awaiting quorum approval.

    Authorize Tab

    The Authorize Tab appears in partitions that activated the Quorum feature. The Authorization Center provides an SOClosedSecurity officer - UKC partition administrator role. the following services:

    • My Requests - This shows the status of the requests initiated by you.
    • For Approval - This shows the requests issued by other SOs and applicable for your approval.
    • Other - Requests that do not meet the above criteria (for example, requests already approved by you but not executed by their initiators).

    The following screen capture shows that there are 3 pending operations. Click the Authorize button to open the screen. It lists the requests:

    • One of the requests that were initiated by you is ready for execution.
    • There are two requests pending quorum approval.

      • Authorize Tab in UI

    My Requests

    To examine the status of operations initiated by you, click My Requests. The list of quorum-controlled operations initiated by you appears.

    The list presents approval status:

    • Ready for execution.
    • Need further approvals.
    • Have already been executed.

    To inspect a task, hover with the mouse over the operation names and click on the text for the relevant row. For example, clicking the "Ready for execution" text in the previous example shows the following:

    Status of approval

    • To execute an operation, select it and click Execute.

      • Executing an operation may result in an error that might happen for one of the following reasons:

      • The request has expired.
      • Conditions that allowed the operation during its initiation have since changed.

      In such a case, examine the cause of the failure, delete the operation, and, if needed, re-issue it.

    • To delete an operation, select it and click Delete.

      • The deleted operation is removed from the Authorization Center records. It no longer shows on other SOClosedSecurity officer - UKC partition administrator role. consoles.

      Note

      You can delete a pending operation regardless of its state.

    For Approval

    • To inspect and approve operations pending quorum approval,

      click the For Approval tab.

      → appear operations pending the quorum approval.
    • To inspect, approve or delete a pending request,

      select it, and click Approve or Delete.

      • Note

      Deleting an operation initiated by another SOClosedSecurity officer - UKC partition administrator role. may be required when the initiator is no longer associated with the quorum.

    Other Approvals

    The Other list is a repository of operations that do not require your action. In general, it archives approved requests.