To improve the security management level of data backup and meet security compliance requirements, you must protect your data against accidental operations and malicious attacks. Cloud Backup provides the immutable backup feature for general-purpose backup vaults based on the write once, read many (WORM) technology. This topic describes how to enable the immutable backup feature for a general-purpose backup vault.
Introduction
If you enable this feature for a backup vault, data can be written to the backup vault only once and read from the backup vault multiple times. The feature provides additional protection for your backup vaults.
After the immutable backup feature is enabled, it cannot be disabled.
After the immutable backup feature is enabled, backup vaults and backup data cannot be deleted until the retention period expires.
The immutable backup feature does not affect backup and recovery operations.
The immutable backup feature is used to protect backup data against unauthorized modification or deletion. After the immutable backup feature is enabled, the backup data cannot be manually modified or deleted before it is automatically deleted upon expiration. Even users with appropriate permissions cannot modify or delete the backup data.
Applicable scope
The immutable backup feature can be enabled for general-purpose backup vaults. The immutable backup feature is not available for Tablestore backup vaults and database backup vaults.
For more information about the regions that support the feature, see Features available in each region.
Prerequisites
One or more general-purpose backup vaults are created. The immutable backup feature can be enabled only on the Storage Vaults page.
Enable the immutable backup feature
Log on to the Cloud Backup console.
In the left-side navigation pane, click .
Find the backup vault for which you want to enable the immutable backup feature. In the Actions column of the backup vault, choose More > Modify Backup Vault.
In the Modify Backup Vault panel, turn on Immutable Backup.
NoteYou can enable the immutable backup feature for general-purpose backup vaults and archive vaults whose retention period is permanent. If the Storage Vault Type is Tablestore Backup or Database Backup, the Immutable Backup switch is not displayed.
In the message that appears, click OK.
In the Modify Backup Vault panel, click OK.
After you complete the preceding operations, Immutable Backup is displayed in the Data Lock Mode column of the backup vault.
FAQ
Why am I unable to enable Immutable Backup in the Modify Backup Vault panel?
You can enable the immutable backup feature for general-purpose backup vaults. If the Storage Vault Type is Tablestore Backup or Database Backup, the Immutable Backup switch is not displayed.
Can I disable the immutable backup feature for a backup vault?
No, you cannot disable the immutable backup feature after it is enabled. After the immutable backup feature is enabled, backup vaults and backup data cannot be deleted until the retention period expires. The immutable backup feature does not affect backup and recovery operations.
References
Cloud Backup provides the following enterprise-class capabilities to ensure data security: