Why is data lost?

Data may be deleted in the following scenarios:

• Lifecycle rule

  Data can be automatically deleted by OSS if a lifecycle rule is configured for this purpose. Ensure that lifecycle rules are set up carefully. For more information, see the referenced document.

• Bucket set to allow public read-write

  If a bucket's access control list is set to public-read-write, or if its policy permits public read-write access, anyone can read or write files within the bucket. It is advisable to avoid granting such permissions or policies unless absolutely necessary. For more information, see setting a bucket's ACL and authorizing user access to specific resources through a bucket policy.

• Compromised account with bucket management permissions

  If an account with bucket management permissions is compromised, unauthorized users could potentially manipulate the files within the bucket. To mitigate this risk, it is advisable to employ RAM users and assign only the essential permissions required for management. Should a compromise occur, promptly change the RAM user's password and disable the AccessKey. For more information, see RAM user overview.

• Accidental deletion by an administrator

  In the event of accidental deletion by an administrator, files removed from OSS cannot be restored. To safeguard against unintended overwrites or deletions, it is advisable to utilize these protective features:

  • Cross-region replication allows you to back up data from a bucket to storage in other regions. For more information, see cross-region replication.

  • Scheduled backup enables regular data backups to Cloud Backup. For more information, see scheduled backup.

  • Versioning saves files as historical versions. For more information, see versioning.

  • The retention policy ensures that files cannot be overwritten or deleted during the specified retention period. For more information, see retention policy.