Ehhhh. I had a good reminder that s3 is only as good as its supporting interfaces a few years ago. I needed to create some test buckets with production data for dev work while I was getting a project of the ground. Sure, I could have made a new, separate read only username just for the task and all that— but it was a simple task and I was crunched for time, so I logged into the web GUI with the account admin login, made the copy, ran my tests, and deleted it. No problem. I thought. I got a VM a couple of days later from their support team saying they had reason to believe they’d lost some of my data — apparently the GUI delete had a (quickly detected, fixed and proactively addressed) bug that was deleting entries with the same relative key in every vaguely similarly named bucket, including my production bucket. Luckily it was the beginning of the transition and I sill had local copies.
Anyone could validly make the argument that this us user error and sloppy ops work — but that’s almost always the case in data loss events… be it unverified backups, abusing root, etc.
I still think there’s value in diversifying both in vendor and physical location.
Anyone could validly make the argument that this us user error and sloppy ops work — but that’s almost always the case in data loss events… be it unverified backups, abusing root, etc.
I still think there’s value in diversifying both in vendor and physical location.