Prevent Bucket Deletion Through Irrevocable Bucket Retention Policy | CCC

Skip to main content

CCC.ObjStor.CN03: Prevent Bucket Deletion Through Irrevocable Bucket Retention Policy

Control ID:CCC.ObjStor.CN03

Title:Prevent Bucket Deletion Through Irrevocable Bucket Retention Policy

Objective:Ensure that object storage bucket is not deleted after creation, and that the preventative measure cannot be unset.

Control Family:

Data

Related Threats

ID	Title	Description	External Mappings	Capability Mappings	Control Mappings
CCC.Core.TH06	Data is Lost or Corrupted	Services that rely on accurate data are susceptible to disruption in the event of data loss or corruption. Any actions that lead to the unintended deletion, alteration, or limited access to data can impact the availability of the service and the system it is part of.	1	1	0

Related Capabilities

ID	Title	Description
CCC.Core.CP18	Resource Versioning	The service automatically assigns versions to child resources which can be used to preserve, retrieve, and restore past iterations.

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	PR.DS-1	0	-
CCM	DSP-16	0	-
ISO_27001	2022 A.8.1.4	0	-
NIST_800_53	SC-28	0	-
NIST_800_53	CP-10	0	-

Assessment Requirements

ID	Description	Applicability
CCC.ObjStor.CN03.AR01	When an object storage bucket deletion is attempted, the bucket MUST be fully recoverable for a set time-frame after deletion is requested.	tlp-clear tlp-green tlp-amber tlp-red
CCC.ObjStor.CN03.AR02	When an attempt is made to modify the retention policy for an object storage bucket, the service MUST prevent the policy from being modified.	tlp-clear tlp-green tlp-amber tlp-red