Immutability for Capacity Tier

[gnehzis]

Would like to understand more regarding Immutability for Capacity Tier.
Understand that object lock prohibits deletion of data from the capacity extent until the immutability expiration date comes.
And we are unable to delete the backup job in Veeam during the immutability period.

The question, is it possible to delete the data directly from the object storage natively during the immutability period?
i.e, access the data using S3 browser app or login the object storage to delete the data

[Mildur]

The question, is it possible to delete the data directly from the object storage natively during the immutability period?

Definitely not. The sole purpose with object lock feature is to prevent that. If the object lock/immutable flag is developed correctly by your S3 Vendor/Service Provider, he and you will not be able to delete the offloaded objects. If that would be possible, any certification for WORM functionality would be meaningless.

You can delete your backup job, but you cant delete your Restore Points.

The only thing that should works, is to take a hammer and smash the harddrives in the object storage. All of them.
Physical damage

[Gostev]

Most S3 object storage vendors provide two locking modes called Governance and Compliance.

When using the Governance mode for locking, "root" account can still delete the locked data the way you explained.
Veeam uses the Compliance mode though, which prevents locked data deletion by anyone at all.