Secure Snapshots can be created:
The easiest approach is with the PowerFlex Manager. We go to the Block > Volumes menu, select the volume, and click the More Actions menu.
The create snapshot window opens, which allows us to name the snapshot and to set its properties (read-only; secure):
For this example, we will set the expiration time to 15 minutes. But the interval can be set in PowerFlex Manager to minutes, hours, days, or weeks.
After creating the snapshot of our source volume, it appears and is marked both secure and read-only.
From the CLI, we would do something like the following to create a secure snapshot:
scli --snapshot_volume --volume_name workload-volume-0 \
--snapshot_name workload-volume-0-snap-1 --retention_period 15m
You are prompted to confirm the decision to create a secure snapshot:
Alternatively, users can preemptively approve the creation by adding the --i_am_sure flag to the command.
Specifying a retention period denotes the snapshot as secure and includes the read-only attribute. The time period is specified using m | h | D | W | M | Y respectively indicating minutes, hours, days, weeks, months, or years. Examples: 30m (thirty minutes), 5D (five days), 1M (one month, which equals 31 days).