Partition Snapshot Restoration Guide
Thales Data Protection on Demand (DPoD) allows Luna Cloud HSM Service users to restore their service partition to a previous snapshot. A partition snapshot is a complete capture of the state of the partition that includes any objects, keys, certificates, etc., as well as the current state of credentials for initialized users on the partition (Security Officer, Crypto Officer, Crypto User).
Use cases for restoring partition snapshots include:
- Zeroized partition as a result of failed log in attempts
- An invalid object created on the partition renders it inoperable
- Accidental key deletion
- User credentials were rotated and the new credentials were not captured properly
Snapshots are taken daily and stored for a period of 7 days. After the 7 days the snapshot is destroyed. A tenant administrator can submit a Partition Snapshot Restoration Request Form to have a partition restored to a previous state. Partition rollbacks can take up to 48 hours to complete.
Restoring a partition will undo any changes made to the service partition since the backup date, this includes removing new objects from the service partition and resetting password changes.