Abstract

Soft deletion is a feature in cloud computing that provides a safety net against accidental deletions using a predefined grace period within which the cloud resource is recoverable. However, soft deletion creates new operational bottlenecks for users who intended to permanently delete their resources, such as continued resource occupation by soft-deleted clouds and inhibited redeployment of resources. This disclosure describes techniques for secure soft deletion of cloud resources in a manner that fulfills operational, security, and user experience requirements such as accelerated decommissioning, visibility into the state of decommissioning, and deterministic rollback of decommissioning. A robust, end-to-end, orchestrated procedure balances resource protection with the agility of an accelerated deletion option, secured by an auditable privileged access control (PAM). The PAM mechanism prevents malicious or catastrophic deletion using just-in-time privilege elevation. An orchestrated network isolation protocol executes a sequence of steps to ensure complete and reversible network isolation. Upon user command, a deterministic rollback procedure symmetrically reverses the steps of the network isolation protocol to ensure a clean, deterministic restoration to a fully operational state.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.