Steves comment is correct. Deleting restore points of selected machines is only supported from the backup console. As you mentioned earlier, there are no backup files. A backup administrator will not be able to know which objects has to be deleted. Therefore the backup console has to be used.
Which I confirmed already in my last comment:
Of course. Deleting objects used by Veeam directly in object storage is not supported.
The backup console wouldn‘t work for backups which are still immutable. The console would throw an error that those restore points are still immutable. Doesn‘t matter if governance or compliance mode was used.
I also explained why we have the governance mode. Service Provider who need to delete all backups, because a customer has left. The entire repository. Deleting all objects directly on the object storage is ok and totally supported, because the backup server won‘t use this repository anymore. Just remove the repository from the backup server and delete everything on it.
Governance mode is meant for service providers to delete "EVERY OBJECT" when a customer has cancelled his contract with the service provider.
It gives the service provider an option to completely clean out the bucket and then delete it. A service provider needs that functionality or he may need to keep ex-customers backups for years.
To summarize this topic:
- you can use governance mode as an exit strategy to
delete an entire bucket with immutable backups
- you cannot delete backups from single machines directly on object storage (outside of Veeam Backup & Replication)
- we most likely will never introduce an option to delete immutable backups within the backup console when governance mode was used. This opens a huge security hole
Best,
Fabian
