Roll Back Changes to User Keys

This section describes how you can roll back user keys to an earlier point in time.

Rollback allows you to revert user-key changes caused by key-management actions, as well as changes detected via host scans. User keys can be rolled back to any point in history where audit events are present.

The high-level workflow for a rollback operation is:

  1. Initiate a Rollback action on the target user keys. This creates a rollback request.

  2. In the rollback request, review and select the changes in the authorized-key history that shall be reverted.

  3. Proceed with the rollback request. The target authorized keys are reverted as specified in the previous step.

More detailed instructions for rolling back authorized keys are as follows:

  1. In the Key Manager GUI, select the user keys you want to roll back, and perform a Rollback action on them. This creates a rollback request.

    If you specify a Timepoint for the Rollback action, the rollback request disallows reverting actions before the Timepoint.

    Click Confirm to create the rollback request.

  2. On the User keys→Requests page, perform a Decide Rollback Point action on the rollback request. For each target key, select the changes that are to be reverted, then click Confirm to apply your changes.

  3. Back on the User keys→Requests page, perform a Proceed with Rollback action on the rollback request. Key Manager launches jobs to revert the selected changes. The target keys are rolled back once the jobs finish successfully.