Suspending policies
A snapshot policy can be suspended using chvolumegroupsnapshotpolicy -snapshotpolicysuspended yes CLI command to stop creation and deletion for a volume group.
If the source volumes are compromised during a cyberattack or during a disaster recovery
scenario, any snapshot taken during an attack can contain malicious data or software, consequently
the system supports suspending all snapshot policies until the compromised data can be determined.
This is done at a system level with the following
command:
chsystem snapshotpolicysuspended yes
Snapshots can be used for cloning or restoring while any snapshot policies are suspended. The snapshot_policy_suspended parameter in the lssystem command displays the suspension status for the system. Similarly, the snapshot_policy_suspended parameter in the lsvolumegroupsnapshotpolicy command displays the suspension status for a volume group.