We are currently using Vault OSS in production, and for the backup or restore of Vault’s encrypted data we are using the HashiCorp-supported storage backend APIs :
- Backup : GET /sys/storage/raft/snapshot
- Restore: POST /sys/storage/raft/snapshot
From the information provided in the documentation, it seems that there is no solution for
a partial backup/restore. In order to perform a restore procedure, it is needed to spin up a fresh cluster and restore from the latest backup.
Does anyone has come with a solution on this or what would be the best practice/approach ?