Table of Contents |
---|
...
A retention period can always be extended after it has been is set with the following steps:
...
Gateway refuses to enable object locking when versioning is not enabled. Gateway refuses to disable versioning once object locking is enabled. In both cases an error message is displayed.
Info |
---|
Administrators are advised against disabling versioning once object lockinghas beenis enabled anywhere in the clusterThe ability to disable versioning at the cluster level via SNMP does not pass via Gateway so it cannot protect against disabling object locking in the cluster. |
...
412 Precondition Failed
is displayed if the Swarm cluster does not support all features necessary to perform the operation.412 Precondition Failed
is displayed if the bucket does not have versioning enabled.403 Forbidden
if the user does not have thePutBucketObjectLocking
permission.
...
The defaults can be modified or removed at any time via additional PUT
commands. This does not affect the object locking status of the bucket – once it is enabled, it stays enabled.
Object Locking Cannot be Disabled After it
...
is Enabled
Info |
---|
Object locking cannot be disabledObject locking cannot be disabled once enabled on a bucket. |
...
Differences Between S3 and Swarm's Implementation of Object Locking
In S3, a DELETE request results in a delete marker, shadowing the locked object version. Swarm's implementation deviates from this logic – it rejects any DELETE
requests for indelible objects with an HTTP 403 Forbidden
error.
Gateway checks if the object is locked when it receives an HTTP 403 Forbidden
error from Swarm. Gateway simulates the S3 behavior creating a new (unlocked) object version, immediately followed by a DELETE
, thus creating a delete marker.
For SCSP, use a configuration flag to pick the desired behavior:
...
The following new policy actions related to object locking have been are introduced:
PutBucketObjectLocking
: to enable/disable object locking on a bucketGetBucketObjectLocking
: to query bucket object locking statusPutObjectRetention
: to set or extend object retentionGetObjectRetention
: to query object retentionBypassGovernanceRetention
: to shorten/remove a retention in governance modePutObjectLegalHold
: to set/remove a legal holdGetObjectLegalHold
: to query legal hold
...