Editorials

Valet Key Pattern

Surprisingly, this pattern was introduced to me a couple of days ago in the Microsoft Fail Safe presentation from their virtual conference this week. A number of patterns were introduced as techniques to mitigate issues where failure may occur. The presenters have a book soon to be released on the topic of resilient patterns, which I will introduce in a future editorial as soon as it is available.

While we’re waiting, I’d like to present one of the patterns they introduced. The Valet Key pattern is a technique whereby you provide a consumer temporary access to resources within your infrastructure so that they may perform some action outside the norm of your system users without compromising your security or consuming too much of your resources.

For example, you could provide someone with a valet key to perform an ad-hoc query on a SQL database. The valet key authenticates the user and returns a token with the capability to perform queries. The token would most likely have a time to live. Moreover, it would also have reduced permissions in the database, probably restricted to certain data and to read-only capabilities.

The valet key would also restrict the amount of resources any query running in this fashion would be able to consume. A user making ad-hoc queries would not be able to execute a query that would consume so many SQL Server resources that other processes are degraded or even blocked.
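The sketch below is an added example, not code from the editorial or from the Microsoft presentation. It shows the three properties described above (time to live, read-only access to certain tables, a resource cap) in one place. It assumes SQLite as a stand-in for the SQL database, and every name in it (`issue_valet_key`, `verify`, `run_query`, `SECRET`) is hypothetical.

```python
import base64, hashlib, hmac, json, sqlite3, time

SECRET = b"constructed-demo-key"  # assumption: signing key held only by the issuer

def issue_valet_key(user, tables, ttl_s=300, max_rows=100, now=None):
    """Sign a short-lived, read-only grant limited to the named tables."""
    exp = (time.time() if now is None else now) + ttl_s
    claims = {"sub": user, "tables": sorted(tables), "max_rows": max_rows, "exp": exp}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
    return body + "." + hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()

def verify(token, now=None):
    """Return the claims if the signature is valid and the key has not expired."""
    body, _, sig = token.partition(".")
    expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        raise PermissionError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if (time.time() if now is None else now) >= claims["exp"]:
        raise PermissionError("valet key expired")
    return claims

def run_query(conn, token, sql, budget=1000, now=None):
    """Run sql on a connection dedicated to valet use, under the key's limits."""
    claims = verify(token, now)

    def authorizer(action, arg1, arg2, dbname, source):
        # Read-only: permit SELECT and column reads on granted tables, nothing else.
        if action == sqlite3.SQLITE_SELECT:
            return sqlite3.SQLITE_OK
        if action == sqlite3.SQLITE_READ and arg1 in claims["tables"]:
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY

    ticks = 0
    def over_budget():
        # Called every 1000 VM instructions; a true return aborts the query.
        nonlocal ticks
        ticks += 1
        return ticks > budget

    conn.set_authorizer(authorizer)
    conn.set_progress_handler(over_budget, 1000)
    return conn.execute(sql).fetchmany(claims["max_rows"])
```

The authorizer and progress handler stay installed after the call, so the connection passed to `run_query` should be one reserved for valet-key queries rather than shared with normal application traffic.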

We often have this kind of scenario in any production system where we need to ask questions we haven’t thought of before. The Valet Key pattern allows for this kind of scenario without disruption to the real-time production activity requiring protection.

How would you implement a Valet Key in your system? Is it possible without a massive enterprise infrastructure? Is this something we should be considering in our current or new applications? Share your thoughts here or by email to btaylor@sswug.org.

Cheers,

Ben