One aspect of data security in cloud storage is how file deletions are handled. Specifically, when a file (also known as an 'object' in the case of an object storage service like Wasabi) is deleted, what happens to the deleted file and how is the disk space previously occupied by the deleted file reallocated for storing other files. File (object) deletions can occur when you delete an individual file or when you delete a parent folder, bucket, or account.
When a file is deleted on Wasabi (either via the S3 API or the Wasabi Management Console), the following actions take place:
1. The file is marked as 'object delete' from an internal state perspective (the file is no longer accessible via the S3 API or from the Wasabi management console)
2. The deleted file metadata is deleted from the Wasabi database.
3. The deleted file content is deleted from the Wasabi storage disk and the space previously occupied on the disk is securely overwritten via a Wasabi process known as 'compaction.' Once the secure compaction process is completed, the disk space is available for use with other files.
Note: Once a file, folder, bucket, or account is deleted on Wasabi via the S3 API or Wasabi Management Console, it is not possible for Wasabi Support to recover the deleted content (the content is permanently deleted from Wasabi at this point). If you are concerned about accidental or other forms of unintentional deletions from Wasabi, you should consider using the Versioning feature (which allows you to store multiple versions of the content with Wasabi) and/or the Compliance feature (which allows you to lock the content in an immutable bucket).
On a related subject, in the event that a Wasabi storage disk containing customer content fails and needs to be replaced with a new disk, Wasabi follows a similar secure process to ensure that the data on the failed disk is never accessible or recoverable. The erasure coding process used by Wasabi ensures that the disk replacement process is transparent and non-impacting to a customer (file integrity and file access is always preserved).