🔗 S3 Is Not a Backup
I've gotten some flak recently for daring to suggest that S3's native features weren't a substitute for a thoughtful backup strategy.
I'm not alone in this opinion. Andreas Wittig calls out that S3 Versioning is insufficient on the grounds of three reasons:
- Accidental deletion, since you can delete all versions at the same time,
- Malicious deletion, which hits the same problem, and
- At scale, recovery is going to suck for you.
I'd also extend that to MFA delete; it makes deleting things you want to get rid of SUPER obnoxious, while still not solving for everything. I suppose Object Lock might work except then you will never, ever be able to delete your data ever again. That's expensive and more than a little bit constraining.
⚠️ This post links to an external website. ⚠️
If this post was enjoyable or useful for you, please share it! If you have comments, questions, or feedback, you can email my personal email. To get new posts, subscribe use the RSS feed.