K8s Vault OSS | Partial Backup/Restore

erlisb · November 10, 2022, 8:55am

Dear community,

We are currently using Vault OSS in production, and for the backup or restore of Vault’s encrypted data we are using the HashiCorp-supported storage backend APIs :

Backup : GET /sys/storage/raft/snapshot
Restore: POST /sys/storage/raft/snapshot

From the information provided in the documentation, it seems that there is no solution for
a partial backup/restore. In order to perform a restore procedure, it is needed to spin up a fresh cluster and restore from the latest backup.

Does anyone has come with a solution on this or what would be the best practice/approach ?

Many thanks,
Erlis

maxb · November 11, 2022, 4:11pm

There is no support in Vault currently for partial backup/restore.

I don’t believe it’s possible, with full generality.

With certain simplifying assumptions/limitations, it might become possible, but it would still then require some fairly significant feature development inside the core of the Vault product.

erlisb · November 15, 2022, 9:32am

Hi @maxb,

Thanks for your reply.

As you already stated, currently there is no support in the Vault core for partial backup/restore.

Let’s see what the community will bring in future releases.

Thanks,
Erlis

Topic		Replies	Views
Backup/Restore K/V data Vault vault	18	5190	July 5, 2024
Vault backup and restore Vault	0	265	June 10, 2021
Vault snapshot restore for large snapshots Vault k8s , raft , vault	0	277	June 28, 2023
Is only root token is capable of restoring vault snapshots? Vault k8s , vault	4	891	June 1, 2022
Backup / Restore strategy (storage: file) Vault	0	249	April 15, 2021

K8s Vault OSS | Partial Backup/Restore

Related topics