Kvindo™ Cloud Docs
A private bucket plus an S3 user scoped to it by an access policy (raw IAM-style JSON).
Then apply it:
For backups you usually want a write-once, immutable bucket. Enable object lock and versioning, set a compliance retention period (objects cannot be deleted or overwritten until it expires), auto-expire old objects with objectExpirationDays, and protect the bucket itself from deletion with metadata.deleteProtection.
In compliance mode these protections are immutable: not even an S3 user with admin permissions can turn off object lock, shorten the retention period, or delete a locked object before it expires.
Then apply it:
Resource docs
More in this section