Re: How does Multi-admin verification affect Commvault Intellisnap snapshot deletion?

sanmonkey · ‎2023-09-19

We want to start using multi-admin verification and one of the things we were thinking about is a rule for “volume snapshot delete”, but the question came to mind…what about Commvault created snapshots? I’ve searched it to death, but I can’t find anything that would exempt an application created snapshot. NetApp snapshot policies delete snaps based on policy and don't require approval as far as I can tell. Is anyone using MA verification with Commvault and, if so, how has your experience been?

sanmonkey · ‎2024-04-30

So, through our VAR partner we found you can create the rule below, this will work if the snapshot name includes the format below (ours always has SP_2 in the name) then this will allow for deletion without triggering MAV. Any other snapshot deletion will require MAV.

security multi-admin-verify rule create -operation "volume snapshot delete" -auto-request-create true -query "-snapshot !SP_2*" -required-approvers 1 -approval-groups mavgroup