Backblaze - b2 vs s3

I’ve been using Kopia for a number of months now, connected to a repo hosted in Backblaze. I set things up using the b2 provider but have seen some things in threads suggesting s3 might be a better option and also s3 as better for ransomware protections. Is it mostly a subjective choice or is s3 objectively “better” and if so, is changing my config to use s3 something simple/straightforward to do or would I need to kind of start from scratch using s3 from the start?

1 Like

B2 also has some protections against ransomware.

It’s not that S3 has better protections, but that Kopia’s native B2 protocol doesn’t support it(for now?).
However, if you create your B2 repo using S3 protocol, according to the documentation Repositories | Kopia you can use that feature as well.

1 Like

Thanks, useful info. I’m guessing from how you phrased it that I can’t simply change the config to use s3 but would have to rebuild the repo as s3, is that accurate?

I’m not sure. I’ve never done that since I started using Kopia only recently too.
But that documentation states:

For B2

NOTE: Currently, object locking is supported for Backblaze B2 but only through Kopia’s S3-compatible storage repository and not through the Backblaze B2 repository option. However, Backblaze B2 is fully S3 compatible, so you can setup your Backblaze B2 account via Kopia’s S3 repository option.


For S3

NOTE: Some settings, such as object locking and actions, can only be enabled when you create a new repository using command-line (see next section). However, once you create the repository via command-line, you can use the repository as normal in Kopia GUI: just connect to the repository as described above after you have created it in command-line.

I searched documentation and CLI’s help how to enable object locking but either I missed it or it’s not documented.
There’s also snapshot migrate | Kopia command, but the documentation is pretty sparse and I don’t know if it’ll let you migrate into object-locked repo or any other caveats and nuances to be aware of.

Actually I just found this article

Looks like it’s this part:

  • Enable Object Lock extension
    • Run: kopia maintenance set --extend-object-locks true
      • Note that the full-interval must be at least 1 day shorter than the retention-period or Kopia will not allow you to enable Object Lock extension

So then it looks like another documentation inconsistency. One place says it can be enabled only when you create a repository and what you pasted says it can be done with maintenance command.
Unless they do different things. :person_shrugging:

Object Locks must be enabled when a bucket is created. If you already have backups in the cloud, you will need to create a new bucket with Object Locks turned on (NOTE: On Backblaze S3, object-lock can be enabled on existing buckets via b2 update bucket). Once a bucket has Object Lock enabled, it cannot be disabled.

I think this paragraph refers to the storage provider, not your Kopia repository. AWS S3 documentation states:

If you create a bucket with Object Lock enabled, you can’t disable Object Lock or suspend versioning for the bucket.