Disaster recovery
Our backup strategy is:
- Every deployment database is snapshotted using the mechanism provided by the cloud provider the client is deployed to. These snapshots allow Cloud-IAM to recover quickly on demand or in case of unrecoverable misconfiguration.
- Every deployment database is backed up using a complete dump for cold storage. These backups are encrypted and stored in other locations using highly available storage in the European Union (99.999999999% durability).
- These backups are used for deployment migration and disaster recovery.
Each database is backed up at least daily.
The backup retention periods are:
- 7 days for snapshots
- 1 month for cold backups
Disaster recovery
Cloud-IAM deployments are by default deployed in a chosen cloud provider region, across every one of its availability zones, in order to provide the most highly available setup possible in case of infrastructure and network failure. However, shit happens 😞. If the region becomes unavailable because of a major outage at the chosen cloud provider, the Cloud-IAM on-call team is able to recreate any deployment from scratch using its cold backup.
- Depending on the gravity of the incident, the Cloud-IAM on-call team will recreate the deployment:
  - in the same region if possible
  - in another region of the same cloud provider
  - in another cloud provider only with direct approval of the customer
- The whole process can take up to 2 hours (RTO), and data loss can extend back to the last backup performed, so up to 24 hours (RPO) maximum.
For the entire duration of the incident, the Cloud-IAM on-call team will communicate every action to the impacted customers by email.