Skip to content

S3 Terminology User Guide

This guide explains the S3-specific terms used in the backup configuration.

URL

  • Description: The URL of your S3-compatible storage provider. This is the endpoint where your S3 service can be accessed. For example, AWS S3 uses https://s3.amazonaws.com.

Region

  • Description: The geographical location of your S3 storage service. Each region corresponds to a physical data center or group of data centers. Example: us-west-2.

Bucket

  • Description: An S3 bucket is a container used to store data in S3. Think of it like a directory or folder, but it exists in the cloud. Each bucket has a unique name in your chosen region.

Locking Modes in S3 Backup

Locking modes control how backup data is managed, ensuring integrity and preventing unwanted overwrites. These modes are important for protecting backup data from accidental changes or deletions.

NO_LOCKING

  • Description: This locking mode disables any locking mechanism, meaning backups can be freely overwritten or deleted. There is no protection against modifications to the backup data once it's uploaded.

Use case:

  • Ideal for scenarios where flexibility and speed are more important than data protection.
  • Suitable for non-critical backups or temporary data where overwriting may be necessary.

Caution: Without locking, there is a higher risk of losing or corrupting backup data due to accidental overwrites.

Governance Mode

  • Description: Allows protection from accidental deletion. Users with special permissions (s3:BypassGovernanceRetention) can modify or delete objects.

Use case:

  • Ideal for environments where administrators need flexibility while enforcing retention policies.

Compliance Mode

  • Description: Provides the highest level of protection. Objects cannot be modified or deleted by any user, including the root account, until the retention period expires.

Use case: Suitable for regulatory requirements and strict compliance use cases.

Retention Periods S3 Object Lock allows you to define retention periods:

Retention Until Date: Specifies the exact date and time when an object can be deleted or modified.

Legal Hold: Can be placed on objects to prevent modification or deletion, without a defined expiration date.

For more details, refer to the AWS S3 Object Lock Documentation.

access_key

  • Description: A unique identifier used to authenticate and access your S3 storage account. This key is part of the security credentials that allow your backup tool to interact with your S3 service.

secret_key

  • Description: The secret counterpart to the access_key. It is used in combination with the access_key to authenticate and securely communicate with your S3 provider. It should always be kept confidential.