This article provides step-by-step instructions on setting up S3 object locking, also known as immutable storage, for archives in Rapid Recovery 6.9 and later. The object lock feature ensures that data stored in Amazon S3 buckets is protected from deletion or alteration for a specified retention period, enhancing the security and compliance of archived data.
Environment:
Steps to Set Up S3 Object Lock for Rapid Recovery Archives:
Add the AWS Cloud Account:
Before creating an archive, you need to add your AWS cloud account in Rapid Recovery. This allows Rapid Recovery to access and manage the S3 bucket where the archive will be stored.
For detailed steps on adding a cloud account, refer to the Rapid Recovery documentation: Adding a Cloud Account.
Initiate Archive Setup:
To create a new archive, start the Archive Setup Wizard in Rapid Recovery. For detailed instructions, refer to the Rapid Recovery documentation: Creating an Archive.
Select an AWS account from the drop-down list in the wizard.
Note: To select a cloud account, you must first have added it in the Core Console. For more information, see Adding a Cloud Account.
Enable Object Lock:
During archive setup, the wizard displays an Object Lock checkbox. Select this checkbox to enable Object Lock.
Configure Additional Object Lock Options:
Once Object Lock is enabled, the following options will become available:
Enable Legal Hold: This option prevents the object from being deleted regardless of the retention period settings, typically to meet legal or regulatory requirements.
Retention Mode: You must specify the retention mode and the number of days for which the data should be locked. The retention mode options are:
Compliance Mode: Objects in compliance mode cannot be overwritten or deleted by any user, including the root user of your AWS account.
Governance Mode: Users with specific permissions can overwrite or delete the object version or alter its retention settings.
For more information on retention modes and configurations, refer to the AWS article on S3 Object Lock.
Set Retention Period:
Specify the number of days for which the archive should be locked. If the S3 bucket already has Object Lock enabled with a specified retention period, ensure that the archive's retention period is greater than the existing one. For instance, if the bucket's retention period is set to 2 days, the archive must have a minimum retention period of 3 days.
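The retention rule above can be checked against the bucket before opening the wizard. The following is an added example, not Quest or Rapid Recovery code: it parses the JSON returned by `aws s3api get-object-lock-configuration --bucket <bucket-name>` (the sample below is constructed) and reports the smallest retention value the archive can use. The function names and the 366-day conversion for a bucket default expressed in years are assumptions.

```python
import json

# Constructed sample of the JSON printed by:
#   aws s3api get-object-lock-configuration --bucket <bucket-name>
SAMPLE_OUTPUT = """
{
  "ObjectLockConfiguration": {
    "ObjectLockEnabled": "Enabled",
    "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": 2}}
  }
}
"""

DAYS_PER_YEAR = 366  # assumption: conservative conversion when the default is in Years


def bucket_default_retention(cli_json):
    """Return (mode, days) for the bucket default, or (None, 0) if no default is set."""
    config = json.loads(cli_json).get("ObjectLockConfiguration", {})
    if config.get("ObjectLockEnabled") != "Enabled":
        raise ValueError("Object Lock is not enabled on this bucket")
    default = config.get("Rule", {}).get("DefaultRetention")
    if not default:
        return None, 0
    if "Days" in default:
        days = int(default["Days"])
    else:
        days = int(default["Years"]) * DAYS_PER_YEAR
    return default.get("Mode"), days


def minimum_archive_days(cli_json):
    """Smallest archive retention that is greater than the bucket default."""
    _, days = bucket_default_retention(cli_json)
    return days + 1


def check_archive_retention(cli_json, planned_days):
    """Return (ok, message) for a retention value planned for the wizard."""
    mode, bucket_days = bucket_default_retention(cli_json)
    needed = bucket_days + 1
    if planned_days >= needed:
        return True, f"{planned_days} days exceeds bucket default ({mode}, {bucket_days} days)"
    return False, f"use at least {needed} days; bucket default is {mode}, {bucket_days} days"


if __name__ == "__main__":
    print("minimum archive retention:", minimum_archive_days(SAMPLE_OUTPUT))
    for planned in (2, 3):
        print(planned, check_archive_retention(SAMPLE_OUTPUT, planned))
```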
Conclusion:
Configuring S3 Object Lock for Rapid Recovery archives enhances data protection by ensuring that archive data cannot be altered or deleted within the specified retention period, aligning with compliance and security requirements.