Configuration of Object Storage Repository with Immutability in Amazon S3

Configuration of Object Storage Repository with Immutability in Amazon S3

KB ID: 190021
Objective:
This guide provides step-by-step instructions for configuring an Object Storage Repository with Immutability in Amazon S3 by enabling Object Locking on a bucket. Immutability ensures that objects within the bucket cannot be deleted or altered within a specified retention period.
Prerequisites:
  1. AWS account with the necessary permissions.
  2. Access to the AWS S3 console or AWS Command Line Interface (CLI).
Steps:
1. Enable Versioning:
  1. Open the AWS S3 console or use the AWS CLI.
  2. Navigate to the desired S3 bucket.
  3. Select the "Properties" tab.
  4. Under "Advanced settings," enable versioning.
2. Enable Object Locking:
    In the S3 console or using the AWS CLI:
  1. Navigate to the bucket properties.
  2. Under "Object Lock," enable Object Locking.
  3. Choose the desired retention settings or leave it unset for manual configuration.
3. Do Not Configure Default Retention Modes:
When enabling Object Locking, ensure that no default retention modes are configured unless specific retention requirements exist.
4. Create an S3 Bucket:
     If the bucket does not exist:
  1. In the AWS S3 console, click "Create bucket."
  2. Follow the prompts to configure the bucket, enabling versioning and Object Locking.
5. Additional Required Permissions:
    Grant the following IAM permissions to the user or role interacting with the S3 bucket:
  1. s3:GetBucketObjectLockConfiguration
  2. s3:GetObjectLegalHold
  3. s3:GetObjectRetention
  4. s3:PutBucketObjectLockConfiguration
  5. s3:PutObjectRetention
6. Reference Documentation:
For detailed information, refer to the official AWS documentation on Amazon S3 Object Lock Configuration
Note: Enable Object Locking for an Existing Bucket:
   - If the bucket already exists and Object Locking needs to be enabled:
     - Follow steps 1 and 2 for the existing bucket without creating a new one.
     - Adjust permissions and refer to the AWS documentation for any additional considerations.
Conclusion:
Following these steps ensures the successful configuration of an Object Storage Repository with Immutability in Amazon S3 by enabling Object Locking on the specified bucket. It is crucial to review and understand the AWS documentation for any updates or additional features related to Object Locking.

    • Related Articles

    • Configuring Immutable Storage with Object Storage Repository

      KB ID: 190027 Objective: This KB article provides step-by-step guidance on configuring an Object Storage Repository as Immutable Storage in Amazon S3 and S3-compatible clouds. This involves enabling Object Locking and implementing the required IAM ...
    • Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the BDRSuite Backup Server. What is object storage? Object storage is a data storage architecture ...
    • Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the BDRSuite Backup Server. What is object storage? Object storage is a data storage architecture ...
    • Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the BDRSuite Backup Server. What is object storage? Object storage is a data storage architecture ...
    • Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the BDRSuite Backup Server. What is object storage? Object storage is a data storage architecture ...