Immutable Backups

Learn about Trilio for Kubernetes Immutable Backups

Immutable backups are backups that cannot be modified, altered or deleted by any user or process once they are created. Immutable backups are becoming increasingly popular as organizations strive to protect themselves against ransomware attacks, where hackers encrypt critical data and demand a ransom payment in exchange for the decryption key. With immutable backups, organizations can be sure that their data is protected and can be restored without paying the ransom.

Trilio supports immutable backups on object store targets that have the object locking and versioning features enabled. For AWS S3 buckets, you can follow these steps to enable object locking. Trilio uses the underlying locking capabilities of the object store to create immutable backups, which cannot be altered by users or by the Trilio retention process.

Immutable backups cannot take "forever" incremental backups the way standard Trilio backups can. Each immutable backup has a set number of incrementals to be taken, with the backup expiring at the conclusion of the last backup in the chain. Trilio has introduced a field, MaxIncrBackupsPerFullBackup, which represents the total number of incremental backups taken in the chain. After that number is reached, a new full backup is created, so that the old backups written to the immutable target storage can gradually be retired.

Based on the retention and schedule policy, Trilio sets the RetainUntilDate on the backup created on the target using the put-object-retention API call. These backups are retained on the target until the RetainUntilDate has elapsed; after that, they are deleted. For incremental backups, the expiry date of the first full backup and of all subsequent incremental backups is the expiry of the last incremental backup. Schedule and retention policies must be provided for an immutable backup, because they are needed to calculate the probable expiry date.
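
The chain expiry rule above, worked through as an added example (not Trilio's own code): it plans the RetainUntilDate for one full backup plus MaxIncrBackupsPerFullBackup incrementals, shows how long each backup stays locked, and checks a retention response against the plan. It assumes a backup's own expiry is its creation time plus the retention period; the function names, the policy values and the sample response are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

def plan_chain(full_at, interval, max_incr, retention):
    """Plan one chain: a full backup plus max_incr incrementals.

    Assumption (not Trilio's documented formula): a backup's own expiry is its
    creation time plus the retention period. Per the page, every member of the
    chain is then held until the expiry of the last incremental.
    """
    created = [full_at + i * interval for i in range(max_incr + 1)]
    chain_expiry = created[-1] + retention
    return [
        {
            "kind": "full" if i == 0 else f"incr-{i}",
            "created": ts,
            "retain_until": chain_expiry,
            "locked_for": chain_expiry - ts,
        }
        for i, ts in enumerate(created)
    ]

def retention_ok(response, expected_until):
    """Check a get-object-retention style response against the planned date."""
    retention = response.get("Retention", {})
    raw = retention.get("RetainUntilDate")
    if retention.get("Mode") not in ("GOVERNANCE", "COMPLIANCE") or raw is None:
        return False  # no lock recorded on this object version
    until = datetime.fromisoformat(raw.replace("Z", "+00:00"))
    return until >= expected_until

if __name__ == "__main__":
    # Constructed policy: daily backups, 6 incrementals per full, 7-day retention.
    start = datetime(2024, 1, 1, tzinfo=timezone.utc)
    plan = plan_chain(start, timedelta(days=1), 6, timedelta(days=7))
    for b in plan:
        print(b["kind"], b["retain_until"].date(), "locked", b["locked_for"].days, "days")
    # Constructed response in the shape returned by `aws s3api get-object-retention`.
    sample = {"Retention": {"Mode": "COMPLIANCE",
                            "RetainUntilDate": "2024-01-14T00:00:00+00:00"}}
    print("full backup lock matches plan:", retention_ok(sample, plan[0]["retain_until"]))
```

Under these assumed values the full backup stays locked for 13 days even though the retention period is 7, which is the storage cost to budget for when choosing MaxIncrBackupsPerFullBackup.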