Using object storage as a backup target
Post Reply
Posts: 43
Liked: 8 times
Joined: Aug 24, 2012 11:59 am

V10: Feature question - S3 MFA-Delete

Post by Ejdesgaard »

Red Hat Ceph Storage release notes state the following:

Support for S3 MFA-Delete
With this release, the Ceph Object Gateway supports S3 MFA-Delete using Time-Based One-Time Password (TOTP) one-time passwords as an authentication factor. This feature adds security against inappropriate data removal. You can configure buckets to require a TOTP one-time token in addition to standard S3 authentication to delete data.

The related RH BZ is:

I have not read anything about support for this in the v10 draft doc's for S3.

Will it be supported in V10 ?

Amazon ref's: ... elete.html
Chief Product Officer
Posts: 30857
Liked: 6350 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland

Re: V10: Feature question - S3 MFA-Delete

Post by Gostev »

No, it's not supported - nor it can be supported, because we do need the ability to delete objects in a fully automated fashion (without TOTP) for the backup retention policy to work. In other words, we need to be able to delete older backups outside of your retention policy automatically. Thanks!
Post Reply

Who is online

Users browsing this forum: No registered users and 3 guests