#Tamper proof in the real world...

We host customers snapmirror backups on our systems.
We would like to offer our customers a snaplock on their snapshots.
But our problem is, that if we set a 1 year lock on a snapshot, the customer is then "locked" to paying for this data for another year, simply because we cannot delete it until it has expired... And of cause most customer doesn't like to be "locked down" financially 😉
So I was thinking of a way to have a "rolling" snaplock where you run a script that looks at the snapshot in a volume, and based on the snapshot name, it determines the snaplock duration... say if "1yr" was in the snapshot name, we would look at the snapshot creation time and add say 30 days, until we hit the max of 1 year...
Are we the only hosting provider that has had this thought? And is there already a script for this out there?

I like the idea but the feature is entirely dependent on meta data of access time or modify, forgot atm.
In order to do this you would have to write that data again. Enterprise is the snap-lock type you and I really want to use.

Are you perhaps looking for the "retention-period" parameter in the rules of a snapmirror policy?
There you set retention based on snapmirror label of the snapshot.

Yes, you would use Enterprise mode SnapLock, retention period on the volume can be set to one year, or whatever, however you would use the delete privilege if you wanted to remove the volume, say they decided not to continue service with you. What SnapLock provides is retention on the DR filer if the source data is deleted; since if it is deleted on the source, it would be then deleted on a DR destination during a mirror update without SnapLock. SnapLock does not honor a delete until the retention time has elapse or a delete privilege is invoked by an operator. As long as the customer is not in control of the DR filer with SnapLock, their data will be secure. The other option for SnapLock is Compliance mode, where the delete privilege is not available. SnapLock is a logical protection technology, it doesn't protect from physical access to the media or equipment, i.e. I could take a sledge hammer to your drives, or wipe the drives outside of the NetApp.

The retention period is set on a volume and starts when the data is laid down in WALF, regardless of the SnapMirror replication policy and labels.

One of the problems you might run in to is the volume snapshot limit of 1023 . If you were retaining customer snapshots for 1 year, and that customer was creating and mirroring 4 snapshots a day, you would be unable to meet your retentions target because you would run out of snapshots on the destination. It is really important that you use SnapMirror labels to only sync the snapshots you want to retain when you have a long retention period.