Lifecycle policy specification includes:
Cluster setting
Policy headers on domain
Bucket policies stored in Swarm storage (as headers)
Cluster Setting Values
The Swarm cluster setting policy.lifecycle
supports two values:
disabled – By default, the evaluation of all lifecycle policies is disabled in the cluster to provide legacy behavior.
enabled – Lifecycle policies may be enabled or disabled at the domain level for domains where such policies are applied.
The policy.lifecycle
setting can be set via Management API.
Policy Header Values
Domain objects support a Policy-Lifecycle
header that controls the behavior of lifecycle policies for buckets in the domain. The header supports either of the following values:
<unspecified> – The lack of a defined policy header means that lifecycle policies are only enabled for buckets in the domain when the
policy.lifecycle
setting is enabled.enabled – The lifecycle policies are enabled for buckets in a domain when the
policy.lifecycle
cluster setting is enabled.disabled – The lifecycle policies are disabled for buckets in a domain regardless of
policy.lifecycle
setting. ThePolicy-Lifecycle
value may be prefixed with<cluster name>=...
, meaning that the policy only applies within the specified cluster. Multiple values are allowed if this feature is used.
Lifecycle policy does not apply to unnamed content within a domain. Only named objects within buckets will have lifecycle policy applied to them.
Bucket objects support a Policy-Lifecycle
header with multiple values.
Each header value encodes one lifecycle policy.
Each Policy-Lifecycle complete rule value is suffixed with “:<cluster name>”, meaning that the policy applies within the specified cluster.
Each lifecycle rule is comprised of a number of optional attributes, expressed as <name>:<value> pairs separated by space. Extra spaces are allowed at the beginning, end, and before & after the colon.
Important
Duplicate names are not allowed in a lifecycle rule.
Unsupported names or values result in an 400 error on the bucket (or domain) write.
Supported Attributes
Attribute | Value | Definition |
---|---|---|
RuleId | <unique rule id> | A required, user-defined id of the rule. The value must be contained within quotes. Values within the quotes must be URL-encoded. |
Enabled | <true|false> | An optional indication to confirm whether the rule is enabled or not. The absence of attribute indicates the rule enabled. |
NamePrefix | <prefix> | An optional prefix to be matched against the relative name of the object in question.
|
ExpirationDays | <nonnegative integer> | The current version of an object is expired after the defined number of days. |
ExpirationDate | <ISO 8601 date> | The current version of an object is expired after the defined date (midnight UTC time). |
ObsoleteExpirationDays | <nonnegative integer> | A non-current version of an object is expired after the defined number of days when the object becomes non-current. This rule impacts nothing if the versioning is not enabled on the bucket. |
ObsoleteExpirationDate | <ISO 8601 date> | A non-current version of the object is expired after the defined date (midnight UTC time). This rule impacts nothing if the versioning is not enabled on the bucket. |
Rules with Attributes
Every rule:
Must have one or multiple expiration attributes.
ExpirationDays and ExpirationDate attributes are mutually-exclusive.
ObsoleteExpirationDays and ObsoleteExprirationDate attributes are mutually-exclusive.
Expiration Time Rule
For expiration days,
Expiration time = Creation time of the current version + Number of days indicated + Rounded up to the next midnight UTCFor obsolete expiration days,
Expiration time = Create time of the next newest object version + Number of days indicated + Rounded up to the next midnight UTCISO 8601 dates must unambiguously specify a calendar date. The (unspecified) expiration time is always midnight UTC of that date.
Expiration of a current version of an object (i.e. non-delete marker in the versioning enabled bucket) means creating a delete marker, pushing the current version down the versioning stack.
In all other cases, the object or object version is permanently deleted.
The gateway supports SCSP reads & writes of domain and bucket headers with lifecycle policies specified. Gateway S3 interface is modified to support GET, PUT, DELETE, and related permissions for bucket lifecycle policies as specified in the S3 documentation. Gateway validates policies against the S3 specification. On PUT or DELETE permission, the gateway translates the client-supplied bucket policy specifications into the appropriate Swarm bucket headers. Bucket lifecycle policy features provided via S3 that Swarm does not support (such as storage class transitions) are dropped during this translation. On the bucket lifecycle policy GET reply, Gateway performs reverse translation for any Policy-Lifecycle headers on the bucket object into an S3-compatible format.
Swarm Content Portal provides a convenient method of managing policies.
Since lifecycle policies are part of the overall context-level policy framework, GET and HEAD requests on contexts and name objects (with the verbose query argument) return Policy-Lifecycle-Evaluated
and Policy-Lifecycle-Evaluated-Constrained
headers. They describe if the lifecycle policies are enforced at the various levels such as cluster, domain, and bucket.