Disaster Recovery

Responsibilities and Access Control

Production environments

• By default, only the Cloud team is authorized to perform Disaster Recovery (DR) in production.
• This is because DR requires access to the central backup account and elevated permissions in the DR account, in line with Bymiljøetaten’s guideline “Access Management in Production Databases”.

Product Developer Responsibilities

• Request and schedule regular DR practice to be done for production environments by the Cloud team.
• Maintain oversight of DR needs and granted access for their application.

Exception: Developer-Executed DR

• If a developer team needs to perform DR themselves (for example, for critical applications requiring rapid incident response or when the Cloud team is unavailable outside normal working hours), this must be requested by the Product Developer.
• The Cloud team will:
  • Grant access to the specified individuals
  • Document the granted access
• The Product Developer remains responsible for managing and reviewing this access.

Non-production environments

• Any developer team member may perform DR.
• The developer team is responsible for:
  • Testing DR procedures
  • Requesting clarification or training from the Cloud team if documentation is unclear or improvements are needed
  • The Product Developer can request and schedule a DR practice to be done on preproduction environments by Cloud team if needed.

Documentation

• The Cloud team has documented the DR process.
• This documentation can be shared with development teams when required.