puppetlabs / vault-plugin-secrets-oauthapp

OAuth 2.0 secrets plugin for HashiCorp Vault supporting a variety of grant types
Apache License 2.0

Ensure reaper can delete credentials that no longer have a backing server #61

Closed impl closed 3 years ago

impl commented 3 years ago

Use Case

If a server is deleted, the credentials associated with it will currently remain in place indefinitely until either the server is replaced or the credential is manually deleted. This is inconvenient when trying to intentionally rotate the server to a new set of credentials.

Describe the Solution You Would Like

We should allow the reaper to clean up credentials that don't have a backing server after a specified time has elapsed.

Describe Alternatives You've Considered

We could immediately make credentials that don't have a corresponding server invalid.

Additional Context

Some relevant discussion in #60.