Add optional retention policies to Compute backups
Autonomous Recovery Service gives us the concept of a "retention policy" by enforcing the retention period configured on an ARS backup policy. This is great for customer's wanting assurance that malicious actors couldn't delete backups even if they had access to compromised credentials.
However, now that capability is sorely missing from Compute where backups cannot be "locked" from deletion in any way that can withstand compromised credentials. I propose you allow a similar model as with ARS to enforce backup retention for the duration of the configured term on a Compute backup or otherwise—like with customer-managed Object Storage buckets—allow for lifecycle policies to be applied along with a Backup policy to enforce custom retention terms perhaps variable based on tags, compartment ID, or other criteria.