#devops #reading-list

🔗 S3 Is Not a Backup
lastweekinaws.com

I've gotten some flak recently for daring to suggest that S3's native features weren't a substitute for a thoughtful backup strategy.

I'm not alone in this opinion. Andreas Wittig calls out that S3 Versioning is insufficient on the grounds of three reasons:

  1. Accidental deletion, since you can delete all versions at the same time,
  2. Malicious deletion, which hits the same problem, and
  3. At scale, recovery is going to suck for you.

I'd also extend that to MFA delete; it makes deleting things you want to get rid of SUPER obnoxious, while still not solving for everything. I suppose Object Lock might work except then you will never, ever be able to delete your data ever again. That's expensive and more than a little bit constraining.

continue reading on lastweekinaws.com

⚠️ This post links to an external website. ⚠️