File Lock / Object Lock is a feature that allows Backblaze B2 customers to make data immutable by preventing a file from being modified or deleted for a defined period of time. When configured, Default Bucket Retention applies Object Lock for a specified retention period on files uploaded or copied into a bucket.
This article covers how Default Bucket Retention may be applied on a bucket through the Backblaze web application. For information on how to apply Default Bucket Retention via API, visit this page.
A prerequisite for applying Object Lock Legal Hold on a file is that Object Lock is enabled for a bucket. Object Lock can be enabled on a bucket at the time of the bucket's creation, or after the fact on a pre-existing bucket.
- By default, Object Lock is disabled for a bucket.
- Once Object Lock is enabled for a bucket, files in the bucket are not immutable - a Default Bucket Retention period must be set first.
Once the bucket has been created, click Object Lock on the Bucket card.
The Object Lock modal appears. In the modal, enter the number of days you wish files to be immutable, values from 1 to 3,000 are supported. Click Save changes to apply the default retention period.
- All files uploaded or copied to that bucket, from that time onward, will then be protected by those Object Lock retention settings by default.
- Files in the bucket before the retention period was applied are not immutable, i.e. the files may be modified or deleted.
- The default settings may be overridden for individual files at upload time (and, in some cases, after upload).
- If no default retention settings are configured on the bucket, then uploaded files will not be protected by Object Lock by default.
- The default settings can be overridden for individual files at upload time (and, in some cases, after upload).
- The number of days supported is 1 - 3,000 days.
It is important to note that once the retention period expires for a file - it may be modified or deleted.
- When used with backup software, a retention policy should be set directly within that software. If object lock is used with backup software, setting a Default Bucket Retention policy within the bucket can result in unpredictable data loss.
- For syncing files from a Network Attached Storage (NAS) device, use the B2 Native API.
- Syncing files from a NAS device to a bucket that has a Default Bucket Retention period will prevent those files from being modified or deleted. Note that as a file is updated, a new version is created and the old version of the file is hidden. In this situation (syncing files from a NAS device), we recommend that a Lifecycle Rule be applied to delete those hidden files (once the retention period has expired), else your storage will increase.
To verify if a file has Object Lock applied or to determine when the retention period expires, go to Browse Files in the web application and click the information icon for the file.
In the Details modal, look for the Object Lock field.
See also Object Lock Legal Hold