Early in 2025 Thales Data Protection on Demand (DPoD) will be changing the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome. To ensure continued network connectivity between your Luna Cloud HSM client and the service partition please ensure that you update your include lists to allow the Thales OneWelcome fully qualified domain names. The Luna Cloud HSM data centers are configured with floating IP addresses and as a result of this configuration we do not support using static IP addresses or hardcoded IP addresses to access the services. 

For more information about the IDP migration see the DPoD IDP Migration FAQ. For more information about configuring and troubleshooting your client connection see Client Network Connectivity and Troubleshooting the Client Connection.

Thales Data Protection on Demand (DPoD) will be changing the Identity Provider (IDP) used in the DPoD platform to Thales OneWelcome. This update enables the platform to provide modern authentication options as well as simplifying logins for users that manage multiple tenants on the platform. 

For more information about this upcoming change and potential impacts to you please see the DPoD IDP Migration FAQ.

The Thales Data Protection on Demand Terms of Service have been updated. Please review the Terms of Service for more information.

Thales Data Protection on Demand (DPoD) audit logs for Luna Cloud HSM and CipherTrust Data Security Platform as a Service (CDSPaaS) service instances are now available through the tenant user interface. You can generate, review, and download audit logs for services in your tenant using your tenants Logs page. For more information about viewing and downloading audit logs through the tenant user interface see Audit Logging.

In the upcoming release of FW 3.0 for Luna Cloud HSM, CPv1 will be removed from FIPS firmware support as it is no longer compliant with 140-3. As this only affects FIPS mode, all affected users should use CPv4 or transition service to non-FIPS mode. If Luna Network HSM users want to clone to Luna Cloud HSM with a FIPS partition they will have to use Luna 7.8 or higher. See Universal Cloning for more information.

FW 2.0.5 has been released to all production environments. This release resolves the issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM.

The new firmware versions based on region and FIPS mode are as follows: 

• NA FIPS - 2.0.5
• NA non-FIPS - 2.0.5
• EU FIPS - 2.0.5
• EU non-FIPS - 2.0.5

Added 

Luna Cloud HSM Backup

The issue with restoring Luna Cloud HSM backups from a Luna USB Backup HSM has been rectified with FW 2.0.5.

Luna Cloud HSM Datacenters are now configured with a floating IP address. Users should be aware that any client configuration that relies on a static IP address configuration will no longer function. 

Please see the Client Network Connectivity Documentation for information about configuring your client environment. Thales does not recommend using any static IP filtering when accessing the service. Should your configuration require the use of static IP address filtering, please contact Thales Customer Support for more information.

The certificate CA provider for the platform authentication service is being changed to Sectigo, a global leader in digital identity security solutions. The scheduled time for this change is detailed on the DPoD Status Dashboard. 

Please be aware that you may need to update your system's certificates and ensure that CA CRL and OCSP endpoints are reachable in accordance with this change. 

If you require assistance or have any inquiries please contact our Support Team using the Thales Customer Support Portal.

The Service Provider Tenant Usage Report and the associated tenants/usageReport, tenants/usageDetails, and service_instances/usageDetails endpoints have been removed from the platform.

As an alternative use the Service Report in the DPoD service provider tenant or the /v1/service_instances/usageBillingReport endpoint, and the  /v1/backoffice/serviceAgreements{tenantId} endpoint to compile tenant usage information.