You can enable Write Once Read Many (WORM) storage and retention for the following cloud vendors:
- Amazon S3
- Microsoft Azure Storage
- Oracle Cloud Infrastructure (OCI)
WORM storage prevents the accidental deletion of data that has not yet met its retention criteria.
Key Considerations
Caution
- Enabling WORM storage lock and compliance lock applies to all associated backup destinations.
- This action is irreversible, and you cannot reduce the retention period once enabled.
- Enabling WORM storage automatically enables compliance lock, which prevents changes to retention settings.
- Once enabled, WORM storage cannot be disabled, and the data remains immutable for the duration of the retention period.
- For Amazon S3 and Azure Storage, enabling WORM storage increases the storage footprint to more than 2x the protected front-end data size, due to object lock overhead and deduplication handling. For this reason, WORM is better suited for secondary or tertiary copies than for primary data.
- If you add a custom backup plan with WORM storage, the backup plan inherits its retention settings from the storage pool.
Types of Locks
Lock Type | Scope | Description | Notes |
---|---|---|---|
WORM Storage Lock | Cloud Storage Level | Protects data at the cloud storage level for both deduplicated and non-deduplicated data. | Air Gap Protect is not supported. |
Compliance Lock | Software Level | Prevents destructive tasks such as deleting backups, storage, apps, servers, or reducing retention. Applies to all backup destination copies. | Cloud app workloads that use bundled Commvault Cloud are not supported. |
Support for OCI
Commvault Cloud supports Bucket Lock on Oracle Cloud Infrastructure (OCI).
- OCI does not support object lock, but bucket-level retention is available through Bucket Lock.
- When you enable WORM storage lock from the Metallic console on an OCI storage, Commvault Cloud automatically configures the corresponding bucket settings:
- A retention lock policy is applied to the OCI bucket.
- The retention period (in days) matches the WORM lock duration set in Commvault Cloud.
Before You Begin
Complete the following tasks on your storage platform:
Platform |
Tasks |
---|---|
Amazon S3 |
|
Azure Storage |
|
Procedure
-
From the Command Center navigation pane, go to Storage > Cloud.
The Cloud page appears. -
Click the cloud storage.
The Cloud Storage page appears.
Enable WORM Storage Lock
-
Move the WORM storage lock toggle to the right.
The Retention rules page appears. -
In Retention period, specify how long to retain backups, and then click OK.
The Do you want to enable WORM storage lock? dialog box appears. -
Confirm your agreement by selecting the options, typing Confirm, and then clicking CONFIRM.
Note
- Both WORM storage lock and compliance lock will be enabled on all associated backup destinations. This action is irreversible, and you cannot reduce the retention.
- If you enabled WORM storage lock unintentionally, create a new storage pool with a new container or bucket.
Enable Compliance Lock Only
-
Move the Compliance lock toggle to the right.
The Do you want to enable Compliance lock? dialog box appears. -
Confirm your agreement and click YES.
Note
Compliance lock is applied to all associated backup destinations. This action is irreversible, and you cannot reduce the retention.