Create object lock enabled backups
After creating the required object lock enabled schedule policies, you can use them to create an object lock enabled manual or scheduled backup.
Prerequisites:
In S3 compliant object store user interface, create a bucket, enable object lock, and set retention period.
NOTE: Object lock enabled backup locations should be configured with a minimum retention
period of 7 days or above.For all S3 compliant object store, enable the following permissions for the IAM role:
s3:GetBucketObjectLockConfiguration
s3:GetObjectLegalHold
s3:GetObjectRetention
NOTE: To configure object lock on S3 buckets in all S3 compliant object stores, below S3 permissions are needed for IAM role:
s3:BypassGovernanceRetention
s3:PutBucketObjectLockConfiguration
s3:PutObjectLegalHold
s3:PutObjectRetention
Configure an AWS/S3 cloud account in PX-Backup.
Install the latest version of MinIO that supports object lock.
Install or upgrade to Stork version 2.10 or above for object lock.
Backups to object lock enabled buckets fail with the following error message if the minimum Stork version is not installed: