Disaster Recovery: Detailed Division of Responsibility

The following RACI Matrix provides an in-depth summary of the roles and responsibilities allocated between Auth0 and the subscriber.

Definitions

RACI refers to the following list of definitions:

  • Responsible: the assigned party who is responsible for implementing the task as required;
  • Accountable: the assigned party who is accountable for the task being completed as required;
  • Consulted: the party (or parties) whose opinions are requested and with whom there is two-way communication;
  • Informed: the party (or parties) who are kept up-to-date with regards to progress and with whom there is one-way communication

Database Backup

Please see Database Backup for more information.

The following table details the task division for configuring, creating, and monitoring the data backup process.

PSaaS Appliance-Related Tasks or Actions Auth0 Subscriber Notes
Provision Additional Backup Disk I R, A The subscriber will need to provision an additional drive for backup purposes.
Download PSaaS Appliance CLI tool C R, A The subscriber will need to contact their Auth0 Customer Success Manager for the custom download link.
Install PSaaS Appliance CLI Tool I R, A The subscriber will need to install the CLI tool.
Configure Appliance CLI Tool I R, A The subscriber will need to add a node to the backup role.
Perform Data Backup via CLI Tool I R, A The subscriber will need to initiate a backup action via the CLI, as well as check periodically on the status of the backup.
Beginning with version 11638, a separate Sensitive Configuration Backup needs to performed as well.
Store Data Backup at a Secondary Site I R, A The subscriber will need to retrieve an existing backup and store it in a safe location outside the PSaaS Appliance.
Delete Data Backups I R, A Only one backup should be stored in the backup device. If there exists a backup on the device, the subscriber will be asked to delete it prior to creating a new one.

Restore Data Backup

PSaaS Appliance-Related Tasks or Actions Auth0 Subscriber Notes
Have Data Backup Available C R, A The data backup files should be available and ready to be copied to the Auth0 VMs.
Provide Backup Password I R, A The subscriber will provide the password used to create and encrypt the backup file. Without this password, the backup file cannot be decrypted and used to restore the environment.
Create New Virtual Machines from Auth0 Images I, C R, A The subscriber will be responsible for creating the new virtual machines (where the environment will be restored from the backup) using images provided by Auth0.
Restore the Data Backup R, C I Please open a ticket in the [Auth0 Support Center](https://support.auth0.com) to request assistance with restoring a backup. Auth0 Customer Success Engineers will partner with the subscriber's infrastructure engineers to restore the environment.

Virtual Machine Snapshots

PSaaS Appliance-Related Tasks or Actions Auth0 Subscriber Notes
Configure / Create VM Snapshots I R, A The subscriber is responsible for configuring and create snapshots on a scheduled basis.
Restore VM Snapshots I R, A The subscriber is responsible for restoring a VM Snapshot..

Backup Cadence Recommendations

Auth0 recommends backing up your data on a daily basis (usually overnight to lessen impact on performance). However, if you need greater assurance of up-to-date data or have concerns about a logical data corruption, you might choose to backup more frequently. If this is the case, please contact your Auth0 Customer Success Manager to schedule a discussion, since the backup process puts a substantial load on the backup node and may impact your Production environment.

Auth0 recommends taking weekly Virtual Machine Snapshots.