Configuring Immutable Storage with Object Storage Repository

Configuring Immutable Storage with Object Storage Repository

KB ID: 190027
Objective:
This KB article provides step-by-step guidance on configuring an Object Storage Repository as Immutable Storage in Amazon S3 and S3-compatible clouds. This involves enabling Object Locking and implementing the required IAM User Policy.
Amazon S3:
1. Enable Object Locking in the Bucket:
Access the AWS Management Console and navigate to the S3 service.
  1. Choose the desired bucket for Immutable Storage configuration.
  2. Navigate to the "Management" tab.
  3. Under "Object lock," click "Edit."
  4. Enable "Object Lock" and save the changes.
2. Remove Default Retention Settings (if any):
While configuring Object Locking, ensure no default retention settings are applied to the bucket, allowing objects to be classified as immutable without predefined retention periods.
3. Implement IAM User Policy:
  1. Create an IAM User Policy with necessary permissions to designate the bucket as Immutable Storage.
  2. Access the IAM console in the AWS Management Console.
  3. Navigate to "Policies" and click "Create Policy."
  4. Select the "JSON" tab and utilize the provided template
    1. JSON policy Template
  5. Review and save the policy.
4. Attach the Policy to IAM User:
In the IAM console, navigate to the "Users" section.
  1. Select the IAM user responsible for configuring Immutable Storage.
  2. Access the "Permissions" tab and click "Attach Policies."
  3. Search and attach the previously created IAM User Policy.
S3 Compatible Clouds:
Immutable cloud storage solutions such as Wasabi and MinIO are supported in BDRSuite. For other S3-compatible clouds, follow similar steps.
1. Enable Object Locking in the Bucket.
2. Remove Default Retention Settings (if any).
3. Implement IAM User Policy.
4. Attach the Policy to IAM User.
Conclusion:
Following these outlined steps facilitates the configuration of an Object Storage Repository as Immutable Storage in Amazon S3 and S3-compatible clouds. Enabling Object Locking and enforcing the necessary IAM User Policy enhances the security and compliance of your S3 bucket, ensuring immutability for specified objects.

    • Related Articles

    • Configuring Object Storage Repository as Immutable Storage

      KB ID: 190026 Overview: Configuring an Object Storage Repository as Immutable Storage requires specific permissions to be granted. This article delineates the essential permissions and presents the JSON format of an IAM user policy necessary for ...
    • Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the BDRSuite Backup Server. What is object storage? Object storage is a data storage architecture ...
    • Offsite DR Object Storage Repository - Introduction

      In this section, you will find information about object storage, its limitations if any and the process of configuring it as your backup storage using the Offsite DR Server. What is object storage? Object storage is a data storage architecture that ...
    • Configuration of Object Storage Repository with Immutability in Amazon S3

      KB ID: 190021 Objective: This guide provides step-by-step instructions for configuring an Object Storage Repository with Immutability in Amazon S3 by enabling Object Locking on a bucket. Immutability ensures that objects within the bucket cannot be ...
    • Configuring S3 Compatible Cloud Storage as Backup Repository

      BDRSuite allows its users to choose their S3 Compatible storage as a repository for all its backup data. S3 compatible storage is built using the Amazon S3 Application Programming Interface (API). So, any application which understands the S3 API will ...