[
https://issues.apache.org/jira/browse/SOLR-15864?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498937#comment-17498937
]
Jason Gerlowski commented on SOLR-15864:
----------------------------------------
bq. mark all uploaded objects as immutable for a defined period of time.
You didn't mention it by name in your description, but it sounds like you've
got [S3 Object
Lock|https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html] in
mind here? Or were you thinking of something else? [~michael-newsrx]
> Add option for Immutable backups to S3 for Ransonware and Deleteware
> mitigation
> -------------------------------------------------------------------------------
>
> Key: SOLR-15864
> URL: https://issues.apache.org/jira/browse/SOLR-15864
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: Michael Joyner
> Priority: Major
>
> It would be an extremely useful feature to add to the S3 backup repository
> (and possibly others, if supported) an option to be able to mark all uploaded
> objects as immutable for a defined period of time.
> If an file in the current backup already exists in the repository, simply
> extend its immutable until time.
> While I'm thinking of basic Ransomware and Deleteware mitigation, this also
> could be used for Compliance mode.
> Currently I'm backing up to a bucket with automatic locking, but this doesn't
> handle the situation where an already existing uploaded index file immutable
> until time ends earlier - leaving a timestamp gap and eventual immutable
> state no longer being active on some index files as compared to others for a
> particular backup opening up an avenue for attack.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
