Was this page helpful?
Immutable (WORM) Backups¶
Available with the Premium plan
ScyllaDB Cloud supports immutable backups (also known as WORM — Write Once, Read Many) for GCP-based clusters. This feature lets you protect your backup data from deletion or modification for a defined retention period, enforced at the cloud storage level.
Note
Immutable backups are available for GCP clusters only. To enable this feature for your cluster, contact ScyllaDB Support.
What Are Immutable Backups?¶
Immutable backups are backups that cannot be deleted or overwritten for a specified period of time. Once a backup is locked, neither users, administrators, nor ScyllaDB Cloud itself can remove it before the retention period expires.
Immutable backups leverage cloud provider capabilities to enforce retention locks on backup storage. Different cloud providers implement this using different technologies: Google Cloud Storage Retention Lock (GCP), Amazon S3 Object Lock (AWS), Azure Immutable Storage (Azure), and Object Storage Retention Rules (OCI). ScyllaDB Cloud currently supports Google Cloud Storage Retention Lock, with support for other cloud providers planned for future releases.
The protection is enforced directly by GCP using object locks, making it independent of any application-level controls.
GCP object locks support two modes: Governance, where the lock can be overridden by authorized users, and Compliance, where the lock is strictly enforced with no exceptions. Both modes are supported in ScyllaDB Cloud.
Why Use Immutable Backups?¶
Immutable backups are useful when you need strong guarantees that backup data is preserved intact and untampered. Common use cases include:
Regulatory compliance — Many regulations (such as financial or healthcare data requirements) mandate that records be retained and protected from modification for a defined period.
Ransomware protection — Immutable backups remain safe even if other systems or credentials are compromised, because the lock is enforced at the storage level.
Audit readiness — Knowing that backups have not been altered since creation gives confidence during audits or incident investigations.
Cost Considerations¶
Enabling immutable backups does not add any ScyllaDB Cloud service charges beyond the standard backup storage fees included in the Premium plan. However, because immutable backups are enforced at the GCP Cloud Storage level using object locks, you may incur additional GCP costs:
Storage costs — Locked backups cannot be deleted before their retention period ends, and continue to accrue storage costs even if the cluster they were taken from is deleted or the contract with ScyllaDB is terminated. You may pay more for storage depending on how long backups are retained.
Increased API operations — Setting and managing object locks requires additional API calls per backup file, which GCP bills as Class A operations.
The actual additional cost depends on backup frequency, the number of files per backup, and the chosen retention period.
Enabling Immutable Backups¶
Immutable backups require configuration by ScyllaDB Cloud on your behalf. To get started, contact ScyllaDB Support and provide:
Your cluster name and GCP region.
The desired lock mode (Governance or Compliance).
The retention period (in days).