System and method for database recovery for encrypted indexes

US12493532B2 · US · B2

Patent metadata
Publication number: US-12493532-B2
Application number: US-201916692671-A
Country: US
Kind code: B2
Filing date: Nov 22, 2019
Priority date: Nov 22, 2019
Publication date: Dec 9, 2025
Grant date: Dec 9, 2025

Abstract

Official abstract text for this publication.

Methods for database recovery for encrypted indexes are performed by systems and devices. A query with a decryption key is received from a client device, where the query modifies an encrypted index of a database using a secure enclave. When events requiring remedial actions for the database occur during the querying, some transactions of the query and later queries are deferred, and a remedial action is initiated that includes restarting the database. A determination of the remedial action being unsuccessful in recovering the encrypted index causes the action to be re-performed until another query having the decryption key is received whereupon the action is performed again to recover the encrypted index utilizing the decryption key. Deferred transactions are then performed with the decryption key. When a database restarts for access without secure enclaves, the encrypted index for the database is invalidated, and the remedial actions are otherwise completed or discarded.
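The control flow described in the abstract, as an added toy model that is not code from the patent or its assignee. The class, method and state names are hypothetical, and a SHA-256 digest comparison stands in for the secure enclave's key check.

```python
import hashlib
import hmac
from collections import deque


class EncryptedIndexModel:
    """Hypothetical model: the server never holds the key, only clients send it."""

    def __init__(self, key: bytes):
        self._digest = hashlib.sha256(key).digest()  # stand-in for the enclave check
        self.state, self.locked = "online", False    # online | recovery_pending | invalid
        self.deferred, self.applied = deque(), []

    def _key_ok(self, key):
        return key is not None and hmac.compare_digest(
            hashlib.sha256(key).digest(), self._digest)

    def restart(self, in_flight=None, enclave_available=True):
        """Event plus first remedial action. No client key is present at restart,
        so the index stays unrecovered and locked until a keyed query arrives."""
        if in_flight is not None:
            self.deferred.append(in_flight)          # interrupted transaction waits
        if not enclave_available:
            # Restarted without any enclave: invalidate the index and force
            # the deferred transactions to completion without it.
            self.state, self.locked = "invalid", False
            self.applied.extend(self.deferred)
            self.deferred.clear()
        elif self.state != "invalid":
            self.state, self.locked = "recovery_pending", True
        return self.state

    def query(self, txn, key=None):
        if self.state == "invalid":
            return "index-invalid"
        if key is None and self.state == "recovery_pending":
            self.deferred.append(txn)                # blocked on the index lock
            return "deferred"
        if not self._key_ok(key):
            return "rejected"
        if self.state == "recovery_pending":
            # Second remedial action: recover with the key from this query,
            # release the lock, then run the deferred work in arrival order.
            self.state, self.locked = "online", False
            while self.deferred:
                self.applied.append(self.deferred.popleft())
        self.applied.append(txn)
        return "applied"
```

The model recovers synchronously when a keyed query arrives; the claims also describe recovery running in the background while the database services other queries, which this sketch does not cover.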

First claim

Opening claim text (preview).

What is claimed is:

1. A system comprising: a processing system that includes one or more processors; and a memory that stores computer program instructions that are executable by the processing system, the computer program instructions including: a query manager configured to: receive from a first client device a first query, having a decryption key, that when performed modifies an encrypted index of a database using a secure enclave that requires the decryption key for access to the encrypted index; and receive from a second client device a second query, subsequent to the first query, that is directed to the database and that has the decryption key; an event monitor configured to: determine that events requiring remedial actions for the database have occurred; initiate a first remedial action for the database based on an event of the events that occurs subsequent to the first query and prior to the second query, the first remedial action comprising an attempt to recover the encrypted index; determine, after completion of the first remedial action, that the first remedial action was unsuccessful in recovering the encrypted index; and initiate, after access is enabled for the database subsequent to completion of the first remedial action, a second remedial action that utilizes the decryption key received with the second query; and a deferment manager configured to: defer one or more transactions of at least the first query or the second query based on a lock for the encrypted index being taken; and queue the one or more transactions for completion based on the lock for the encrypted index being released.

2. The system of claim 1, further comprising: an access manager configured to: disable access to the database subsequent to the event and prior to completion of the first remedial action; take the lock for the encrypted index subsequent to the event based at least on the determination that the first remedial action was unsuccessful in recovering the encrypted index; enable access to the database subsequent to the completion of the first remedial action; and release the lock for the encrypted index subsequent to completion of the second remedial action.

3. The system of claim 1, wherein the first remedial action includes an accelerated database recovery action performed without the enclave.

4. The system of claim 1, wherein the first remedial action further comprises at least one of: a restart of the database, the restart using another secure enclave that requires the decryption key for access to the encrypted index, or a rollback action.

5. The system of claim 1, wherein the second remedial action comprises an index recovery action that is configured to gain access to the encrypted index based on the decryption key received with the second query.

6. The system of claim 1, wherein the event monitor is configured to: provide a status signal representative of the encrypted index being unrecovered to an index validator configured to mark the encrypted index as invalid in the database based at least on the determination that the first remedial action was unsuccessful in recovering the encrypted index.

7. The system of claim 1, wherein the query manager is configured to perform via a virtual machine instance: the second query on the database using another secure enclave and the decryption key received with the second query; and the second remedial action to recover the encrypted index.

8. A computer-implemented method, comprising: receiving from a first client device a first query, having a decryption key, that when performed modifies an encrypted index of a database using a secure enclave that requires the decryption key for access to the encrypted index; determining that an event has occurred, requiring a remedial action for the database, prior to completion of the first query; initiating a first remedial action for the database to attempt recovery of the encrypted index; determining, after completion of the first remedial action, the first remedial action was unsuccessful in recovering the encrypted index; deferring one or more transactions of queries that affect the encrypted index subsequent to said determining that the event has occurred; initiating a second remedial action to recover the encrypted index; receiving from a second client device a second query, subsequent to the first query and said initiating the second remedial action, that is directed to the database and that has the decryption key; and completing the second remedial actions and the one or more transactions that were deferred.

9. The computer-implemented method of claim 8, wherein said initiating the second remedial action is performed in the background at least partially concurrently with the database being accessible and able to service queries.

10. The computer-implemented method of claim 8, wherein the first remedial action includes at least one of: a restart of the database, the restart using another secure enclave that requires the decryption key for access to the encrypted index, or a rollback action.

11. The computer-implemented method of claim 8, wherein the second remedial action comprises an index recovery action that is configured to gain access to the encrypted index based on the decryption key received with the second query.

12. The computer-implemented method of claim 8, wherein said deferring one or more transactions of queries comprises at least one of: maintaining a lock on modified data of the encrypted index; or deferring based at least on recovery of the encrypted index requiring the decryption key.

13. The computer-implemented method of claim 12, wherein said completing the one or more transactions comprises completing the one or more transactions based on at least one of: the recovered encrypted index that was recovered utilizing the decryption key received with the second query; or invalidating the encrypted index and forcing completion of the one or more transactions.

14. The computer-implemented method of claim 8, further comprising: performing calls for the encrypted index to the database using the secure enclave via a virtual machine instance.

15. The computer-implemented method of claim 8, further comprising: disabling access to the database subsequent to the event and prior to completion of the first remedial action; and enabling access to the database subsequent to the completion of the first remedial action.

16. A computer-readable storage medium having program instructions recorded thereon that, when executed by a processing device, perform a method, the method comprising: receiving from a first client device a first query, having a decryption key, that when performed modifies an encrypted index of a database using a secure enclave that requires the decryption key for access to the encrypted index; determining that an event has occurred that requires a first remedial action for the database; initiating the first remedial action for the database and the encrypted index to attempt recovery of the encrypted index; after completion of the first remedial action, determining that the database is restarted and is without access to any secure enclave; initiating a second remedial action for the encrypted index, that includes invalidating the encrypted index for the database, based on the first remedial action being unsuccessful in recovering the encrypted index; and completing the second remedial action.

17. The computer-readable storage medium of cla

Classifications

  • Updates performed during online database operations; commit processing

  • Isolation or security of virtual machine instances

  • Hypervisor-specific management and integration aspects

  • Providing cryptographic facilities or services

  • Database-specific techniques

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Microsoft Technology Licensing LLC
What technology area does this patent fall under?
Primary CPC classification G06F21/6227. Mapped technology areas include Physics.
When was this patent published?
Publication date Dec 9, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).