Is your feature request related to a problem? Please describe.
NVCF deployments need a supported key rotation path for NVCF Encryption Key (NEK) usage in the ESS Worker flow. Without a documented rotation path, operators may need manual procedures that are hard to validate, hard to repeat, and risky during upgrades.
Describe the solution you'd like
Add NEK key rotation support for ESS Worker.
The implementation should cover:
- Supported key rotation workflow.
- ESS Worker behavior before, during, and after rotation.
- Compatibility behavior for existing workloads.
- Failure handling and rollback guidance.
- Operator documentation for rotation prerequisites and validation.
Describe alternatives you've considered
Operators can rotate keys manually, but manual rotation is brittle and creates operational risk when workloads, secrets, or worker state are already active.
Additional context
Suggested acceptance criteria:
- NEK key rotation is supported for the ESS Worker path.
- Existing supported workloads continue to function across rotation.
- Failed rotation behavior is documented.
- Rollback or recovery guidance is documented.
Is your feature request related to a problem? Please describe.
NVCF deployments need a supported key rotation path for NVCF Encryption Key (NEK) usage in the ESS Worker flow. Without a documented rotation path, operators may need manual procedures that are hard to validate, hard to repeat, and risky during upgrades.
Describe the solution you'd like
Add NEK key rotation support for ESS Worker.
The implementation should cover:
Describe alternatives you've considered
Operators can rotate keys manually, but manual rotation is brittle and creates operational risk when workloads, secrets, or worker state are already active.
Additional context
Suggested acceptance criteria: