Multi-cloud control plane

One S3 security layer. Many storage backends.

Use DeltaGlider as the stable S3-compatible entry point across on-prem storage, Hetzner, Wasabi, or another backend. Keep access control, bucket aliases, encryption, replication, audit, and operator workflows in one place.

Stable S3 endpoint
DeltaGlider

IAM, OAuth, ABAC, aliases, encryption, quotas, replication, metrics, audit.

On-prem
Hot tier

Latest 90 days, fast local reads, local key custody.

Hetzner
Archive tier

Older encrypted objects, lower storage cost, S3-compatible backend.

Wasabi / other S3
Second target

Optional replication target for provider optionality or DR.

Control layer

One policy surface over many object stores.

Backends move bytes. DeltaGlider keeps the app-facing security and operations contract stable.

Bucket aliasing

Expose one stable bucket name while routing to different real backend buckets.

Unified Access Control

Users, groups, S3 keys, OAuth/OIDC mapping, and ABAC stay in one control plane.

Cross-cloud replication

Copy objects between buckets or backends through run-now rules with history, failures, and optional delete replication.

Encryption at rest

Encrypt before leaving your premises, then store ciphertext in a cheaper cloud backend.

Lifecycle-style retention

Keep recent files locally and replicate older data to cheaper cloud storage.

Operational evidence

Prometheus metrics, audit entries, replication state, and admin UI visibility stay consistent.

Retention pattern

Keep hot data on-prem. Encrypt and replicate older data out.

A practical lifecycle-style pattern: preserve fast local access for recent data, then move older date-partitioned objects to cheaper cloud storage as ciphertext.

0-3 months

On-prem hot tier

Keep the newest objects close to applications. Reads are local; keys and policy stay under your control.

DeltaGlider rule

Encrypt + replicate

Schedule replication for older prefixes. DGP writes encrypted objects to the target backend and records run history/failures.

3+ months

Hetzner archive

Store lower-cost ciphertext in cloud object storage. Apps still talk to the same DGP-controlled S3-compatible entry point.

This is a lifecycle-style placement pattern, not a claim of complete Amazon S3 Lifecycle parity. If you require legal hold, Object Lock, or provider-native lifecycle transitions, keep those backend controls in the architecture.

Implementation hooks

The primitives are already in the product.

Backend routing and aliases

Route buckets to named backends and map virtual bucket names to real backend bucket names.
docs/product/reference/configuration.md

Object replication state

Replication tracks scheduler state, run history, continuation tokens, failures, and paused rules.
src/replication

Proxy-side encryption

Encrypt before data leaves the trusted runtime; the cloud backend stores ciphertext.
docs/product/reference/encryption-at-rest.md

Unified access control

IAM users, groups, access keys, OAuth/OIDC, ABAC, public prefixes, and audit stay in DeltaGlider.
src/iam

Next step

Draw your backend map.

Bring the buckets, retention windows, cloud targets, and controls you need to preserve. We will map aliases, replication, encryption, and operational ownership.