Help Center/ TaurusDB/ User Guide/ Data Backups/ Configuring the Compliance Lock
Updated on 2026-06-04 GMT+08:00
View PDF
Share

Configuring the Compliance Lock

Scenarios

Safeguarding backup data is critical when you use cloud database services. In the event of an account compromise or other security breach, attackers may maliciously delete backup data, making data recovery impossible and causing significant business loss.

To address this issue, TaurusDB provides an instance-level compliance lock for backups. After enabling this lock, you can set a retention period (1 to 36,500 days). During this period, manually created full backups are protected against deletion. During the validity period of the compliance lock, your instance cannot be deleted or unsubscribed from. Before the lock expires, you can extend the retention period but not shorten it. This mechanism protects instance backups against unauthorized or malicious deletion.

Backup Policy Priority

Automated backups are governed by the established backup policy. The automated backup policy takes precedence over the compliance lock when they conflict with each other. However, manual backups are subject to the restrictions defined by the compliance lock.

Billing

Enabling the compliance lock prevents manual backup deletion, which may increase billed space for full backups. For details, see Billed Space for Full Backups.

Constraints

  • After the compliance lock is enabled, manual backups within the retention period cannot be deleted on the Backups or Full Backups page.
  • Once the compliance lock is enabled, you cannot disable it. You can only extend the retention period.
  • The retention period of the compliance lock can be extended and cannot be shortened.

Enabling the Compliance Lock

  1. Log in to the TaurusDB console.
  2. Click in the upper left corner and select a region and project.
  3. On the Instances page, click the instance name.
  4. In the navigation pane, choose Backups > Full Backups.
  5. Click next to Compliance Lock.
  6. In the displayed dialog box, click to enable the compliance lock.

    Figure 1 Enabling the compliance lock

  7. Set the backup retention period, which can range from 1 to 36,500 days. After confirming the information, enter YES in the text box and click OK.

    Figure 2 Configuring the compliance lock

  8. After the compliance lock is enabled, you can view the retention period on the Full Backups page.

    Figure 3 Viewing the compliance lock

    If the compliance lock is about to expire in seven days, the instance status shows "The compliance lock is about to expire" in the instance list on the Instances page.

    Figure 4 Instance status

  9. To extend the retention period, go to the Full Backups page and click Extend Retention Period. In the displayed dialog box, select the number of days, enter YES in the text box, and click OK.

    Once the retention period is extended, it cannot be shortened.
    Figure 5 Extending the retention period

Parent Topic: Data Backups