Write Once, Read Many (WORM)

WORM credentials allow uploading new objects, reading and listing those objects, but prevents those objects from ever being overwritten or deleted even if the credential is leaked or stolen. This provides protection against ransomware by making the bucket immutable when using the credentials.

To implement a Write Once, Read Many (WORM) system, create a credential that includes the following permissions:

  • Read
  • Write
  • List

Ensure the credential does not include:

  • Delete

Previous
Usage Limits