Immutability for Object Storage Repositories

Veeam Backup & Replication allows you to prohibit deletion of data from the object storage repository by making that data temporarily immutable and to protect data against malware activity by maintaining several versions of a single backup.

The immutability feature can help in the following cases:

Data on the object storage is corrupted.
Retention policy is set to keep only one restore point.
Due to the hacker attack, the retention policy has been modified to a shorter period. For example, instead of keeping data for 5 days, the retention is set to keep it for only 1 day.

Immutability allows you to restore data from the object storage in these or other cases when necessary data is unavailable. To restore data, you need to run Veeam PowerShell. For more information, see Get-VBRObjectStorageRepositorySyncInterval and Sync-VBRObjectStorageRepositoryEntityState cmdlets.

After you enable immutability, you will not be able to perform the following operations with the immutable data stored on object storage repositories:

Manual data removal, as described in section Deleting Backups from Object Storage.
Removal of data by the retention policy, as described in section Retention Policy.
Removal of data using any cloud service provider tools, for example an S3 browser.
Removal of data by the cloud service provider technical support department.
Removal of data by the Remove deleted items data after option, as described in section Maintenance Settings.

You can enable immutability for data stored in the following types of object storage repositories:

Amazon S3
S3-compatible
Microsoft Azure Storage
IBM Cloud Object Storage
Wasabi Cloud Object Storage