Table of Contents |
---|
...
Swarm Storage 12.0 or above must be running in order to use this feature because it relies on the Swarm lifepoints feature to prevent deletion of locked objects until a certain date has passed. Object locking is fully implemented starting with Gateway 7.6.
Whenever When an object gets is locked until a certain date, it gets obtains a deletable=no
lifepoint protecting it from deletion until the date.
...
Introducing or extending a retention period is always possible, but there are restrictions to shortening or removing a retention period on an object already under retention:
In compliance mode this is never not permitted
In governance mode, the user needs to have the special
BypassGovernanceRetention
permission.
Also, an S3 request must explicitly includex-amz-bypass-governance-retention:true
as a request header with any request requiring overriding governance mode.
...
Differences Between S3 and Swarm's Implementation of Object Locking
In S3, a DELETE request results in a delete marker, shadowing the locked object version. Swarm's implementation deviates from this logic – it rejects any DELETE
requests for indelible objects with an HTTP 403 Forbidden
error.
Gateway checks if the object is locked when it gets a HTTP 403 Forbidden
error from Swarm. Gateway simulates the S3 behavior creating a new (unlocked) object version, immediately followed by a DELETE
, thus creating a delete marker.
For SCSP, use a configuration flag to pick the desired behavior:
...