Fundamentally there’s no need for the user/account that saves the backup somewhere to be able to read let alone change/delete it.
So ideally you have “write-only” credentials that can only append/add new files.
How exactly that is implemented depends on the tech. S3 and S3 compatible systems can often be configured that data straight up can’t be deleted from a bucket at all.
Fundamentally there’s no need for the user/account that saves the backup somewhere to be able to read let alone change/delete it.
So ideally you have “write-only” credentials that can only append/add new files.
How exactly that is implemented depends on the tech. S3 and S3 compatible systems can often be configured that data straight up can’t be deleted from a bucket at all.