Document caching strategy for Managed Identity v2 #5526
+114
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added detailed caching strategy and resilience plan for Managed Identity v2, including problem identification, proposed solutions, call sequence, cache renewal matrix, invalidation rules, and security considerations.
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
docs/msi_v2/caching_strategy.md
Outdated
| ## Solution (What’s Changing) | ||
| 1. **Probe once** (link-local) to detect **MSI v2** → cache result **in-proc**. | ||
| 2. Treat the **binding certificate** (from IMDS `/issuecredential`) as the **primary anchor** (~7-day validity); use it to get ATs. | ||
| 3. **Proactive renewal at half-life (+ small jitter)** to rotate well before expiry. |
Member
There was a problem hiding this comment.
Pls be precise. Specify:
- jitter (e.g. 5 min)
- if renewal should happen on front-end or back-end thread. I think front-end.
Contributor
There was a problem hiding this comment.
How is jitter calculated? Is it randomized per host/process or globally coordinated? Could jitter introduce any unintended renewal delays?
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
bgavrilMS
reviewed
Oct 9, 2025
Robbie-Microsoft
requested changes
Oct 15, 2025
Contributor
Robbie-Microsoft
left a comment
Robbie-Microsoft
left a comment
There was a problem hiding this comment.
- For each cache and renewal step, document what happens if the cache is missing, invalid, or corrupted.
- Outline (even briefly) the implementation details of the single-writer system.
docs/msi_v2/caching_strategy.md
Outdated
| # Managed Identity v2 (Attested TB) — Resilience & Caching Plan | ||
|
|
||
| ## TL;DR | ||
| We reduce cold-start latency and dependency risk for MSI v2 by caching safe, long-lived artifacts, coordinating renewal across processes, and keeping the hot path in memory. **MAA is used only to (re)issue the binding certificate**; bound AT acquisition relies on that cert. Result: fewer failures, less churn, smoother CX. |
Contributor
There was a problem hiding this comment.
What’s the fallback if the binding cert is lost or corrupted? Is there any emergency recovery path?
docs/msi_v2/caching_strategy.md
Outdated
| ## Solution (What’s Changing) | ||
| 1. **Probe once** (link-local) to detect **MSI v2** → cache result **in-proc**. | ||
| 2. Treat the **binding certificate** (from IMDS `/issuecredential`) as the **primary anchor** (~7-day validity); use it to get ATs. | ||
| 3. **Proactive renewal at half-life (+ small jitter)** to rotate well before expiry. |
Contributor
There was a problem hiding this comment.
How is jitter calculated? Is it randomized per host/process or globally coordinated? Could jitter introduce any unintended renewal delays?
Updated the caching strategy for MSI v2 to enhance resilience and reduce cold-start latency. Key changes include improved certificate renewal processes and better caching mechanisms.
Robbie-Microsoft
approved these changes
Nov 17, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Added detailed caching strategy and resilience plan for Managed Identity v2, including problem identification, proposed solutions, call sequence, cache renewal matrix, invalidation rules, and security considerations.