Skip to main content

As a kind of Ransomware protection test we wanted to see how Commvault backup behaves when someone deletes the bucket content through a backdoor using a S3 browser for example. As the content of the locked bucket is physically still there (just not visible through a delete marker), CV should be able to restore them somehow. CV is also set up as WORM with the right WORM workflow of course.

But after deleting the bucket content incl. the commvault backup tree, the CV cloud library goes offline as loosing the mount-path.

 

Question: what would be the right procedure to re-enable commvault to restore the content?

Hey @Attila Mester,


Commvault does not automate the recovery if a delete marker is set. The software has no idea that an alternative version exists when the original is gone. That being said, we have a tool available to remove the delete-marker and make the object readable again.

I found this in the our all-encompassing AWS cloud architecture whitepaper

  • Commvault will delete all versions of an Amazon S3 object when Amazon S3 versioning is enabled and data reaches an expiry age. Amazon S3 versioning cannot be used to recover or revert your Commvault cloud storage.
  • When using Amazon S3 Object Lock, an authorized user can delete objects that are under compliance locks. Commvault has enhanced the CloudTestTool to assist in removing the delete marker on compliance-locked objects, to allow the removal of S3 delete markers, and to repair access to object-locked storage.

 

I don’t see further instructions on how to do this, but the docs on the cloud test tool are here: https://documentation.commvault.com/2022e/expert/9228_cloud_test_tool.html

I am assuming you should find the option in there if you fire it up?


Reply