Guide

Data protection

Suggest Edits

Best practices to prevent the accidental deletion of objects

Object Storage provides several features that can be used to help prevent unwanted deletion of data. From simplest to strictest, they are:

  • Versioning is a method of retaining historical versions of files (objects). While it is still possible to explicitly delete a past version of an object (by passing the appropriate versionID to the DeleteObjects S3 operation, for example), doing so requires extra steps, which may make it less likely to happen accidentally.
  • Object Lock is a method of defining time-based restrictions on how old an object version has to be before it can be explicitly deleted.
    • In GOVERNANCE mode, explicit deletion of past versions is still possible before the retention period expires, but requires special permission (an unlimited access key) as well as an explicit "bypass governance retention" flag in the deletion request. This provides further safeguards against accidental deletion.
    • In COMPLIANCE mode, it is not possible for any user to delete object versions before the retention period expires. This provides the highest level of protection against accidental and even malicious deletion (such as from ransomware).

Updated 5 days ago