Disable Specific API's
For certain API's, like the ability to Delete a backup, have the ability for an Owner to disable this API call entirely, to prevent bad actors from being able to destroy a system or even a good actor from unintentionally destroying a system. If a customer has a policy that no backups shall be deleted ever, have the ability to disable this API across the board.
Suraj
shared this idea
Hello,
I am pleased to announce that we have released our backup feature called Backup Compliance Policy, that protects your backups from being deleted by any user, ensuring WORM and full immutability (can not be edited/modified or deleted) for backups automatically in Atlas. This applies to any method of deleting backups, regardless of wheter it is through the UI or the API.
Backup Compliance Policy allows organizations to configure a project-level policy to prevent the deletion of backups before a predefined period, guarantee all clusters have backup enabled, ensure that all clusters have a minimum backup retention and schedule policy in place, and more.
With these controls, you can more easily satisfy data protection requirements (e.g., AppJ, DORA, immutable / WORM backups, etc.) without the need for manual processes.
Please note that the Backup Compliance Policy can not be disabled without MongoDB support once enabled so please make sure to read our documentation thoroughly before enabling.