Configuring WORM Storage Lock

You can configure WORM storage lock in Commvault using the following procedure.

Before You Begin

Before configuring WORM storage lock, make sure to perform the following:

Create or configure the following in cloud storage:

Note

For information on permissions to configure cloud storages, see Creating a Cloud Storage Library.

Vendor	Before You Begin Tasks
Amazon S3	Create a bucket in Amazon S3 cloud storage, with object lock enabled. Create a lifecycle rule to clean up previous versions of the deleted objects. For more information, see Deleting Object Versions and Managing your storage lifecycle. Note Disable default retention when object lock is enabled. Verify that the PutObjectRetention permission is assigned to the bucket along with the other permissions needed to configure Amazon S3. For more information about the other permissions, see the Amazon S3 pages. Commvault uses Compliance mode with object lock on AWS S3. For a bucket on which versioning is enabled, you must have DeleteObjectVersion permission to delete versioned objects. For a bucket on which versioning and object lock are not enabled, you must have PutBucketVersioning permission to enable these for the bucket. The software automatically enables versioning and object lock for the bucket after you configure WORM storage lock.
S3 Compatible	Same tasks as Amazon S3 Commvault uses Compliance mode with object lock on S3 Compatible. Disable default retention when object lock is enabled or set retention days to 0. Additionally, you should configure life cycle policy to remove delete markers.
Google Cloud Storage	Create a bucket in Google Cloud Storage. Note From Commvault Platform Release 2024 (11.34), Commvault supports object lock on Google Cloud Storage, but only for new storage buckets. Upgraded storage buckets remain bucket lock enabled.
Microsoft Azure Storage	Create a storage account and a container with version-level immutability support in Microsoft Azure Storage. Create a lifecycle rule to clean up previous versions of the deleted objects. For more information, see Blob versioning and Optimize costs by automatically managing the data lifecycle. You must assign the Storage Blob Data Owner role in Azure to use the WORM storage functionality.

Procedure

From the navigation pane, go to Storage > Cloud.

The Cloud page appears.
Click the cloud storage for which you want to configure WORM storage mode.

The cloud storage page appears.
On the Configuration tab, in the WORM section, do the following:

a. Move the WORM storage lock toggle key to the right.

The Retention rules page appears.
Notes
- This action also enables compliance lock on all associated backup destinations.
- This action is irreversible and you cannot lower the retention.
- If you enabled WORM storage lock unintentionally, we recommend you to create a new storage pool with a new storage pointing to a new container or bucket.
b. In the Retention period option, specify the amount of time to retain the backups, and then click OK.

The Do you want to enable WORM storage lock? dialog box appears.

c. Select the options to confirm your agreement, type Confirm in the confirmation box, and then click CONFIRM.