Users can now subscribe to individual components through the Thales Data Protection on Demand Status Page. When you subscribe to updates you can specify the DPoD components, services and regions that you would like to receive updates for.
To become a subscriber or update your subscription visit the Thales Data Protection on Demand Status Page and click Subscribe to Updates.
Thales Data Protection on Demand has updated the procedure for purchasing service subscriptions. Services can now be purchased through the subscriptions tab in the DPoD user interface instead of the services tab. This includes subscribing to new services, renewing expiring subscriptions, or adding quantities to an existing subscription.
For more information see Purchasing a Service Subscription.
Thales Data Protection on Demand has made the following changes to how billing and service subscriptions work in DPoD:
Tenants that have an accepted Service Elections form will have the following changes:
Tenants that do not have an accepted Service Elections form will have the following changes:
Note: If your tenant is unable to retrieve and display subscriptions please contact Thales support to resolve the issue. You will be unable to provision new services until the issue is resolved.
The CipherTrust Data Security Platform is now visible in EU tenants as a beta service offering. Access to the beta service is restricted at this time. The beta service is disabled in all tenants that are not participating in the beta.
For more information about registering for the CipherTrust Data Security Platform beta please contact steve.kingston@thalesgroup.com.
When Max Session Objects goes over 100 the user will now receive the following error message: CKR_MAX_OBJECT_COUNT_EXCEEDED.
Previously there was no session object limit set therefore there was no message sent to the user.
Bugs Found
The firmware versions for Luna Cloud HSM Services operating in NA and EU non-FIPS environments have been updated. The current firmware version based on region and FIPS mode are as follows:
Universal Cloning
Universal Cloning (CPv4) is now a supported feature when combining UC 10.5.0 and Firmware 2.0. Universal Cloning can be used for key migration to any trusted Thales HSMs that also support the Universal Cloning protocol.
In order to use the Universal Cloning feature, the following must be true:
NOTE: You can only clone between initialized partitions, and they must have the same cloning domain (secret), which is provided at the time of initialization.
More info can be found here: Universal Cloning.
As of UC 10.5, the configuration of multiple users will be supported which allows multiple partition slots to be accessed from a single client instance. This allows customers to add multiple UserID's (a combination of unique AuthTokenClientID, AuthTokenClientSecret, AuthTokenConfigURI) without the need to restart the application after the addition of a new UserID. This will enable a service provider to configure multiple UserID's without impacting the service any of the other users in the same UC instance.
The ability to load multiple partitions to the same UserID without impacting service to other users will also be supported. If an attempt is made to add the same partition ID to a different user that will be ignored and a Warning log will be generated.
More info can be found here: "Dynamic Partition Loading for Luna Cloud HSM Services"
The servicePlan field is being made mandatory for service creation when using the API, for example when using POST/service_instances
or POST/services
.
If you use the API to provision services, you will need to pass a value matching one of the plans listed in the Open Service Broker catalog. For Luna Cloud HSM services, you must pass "single_hsm". Failure to pass a valid plan will result in a 400 error.
See the Thales Documentation Portal for more information about available endpoints and fields.