You can configure a grid federation connection between two StorageGRID systems to clone tenant account information and replicate bucket objects between the grids for disaster recovery. See What is grid federation?, What is account clone, and What is cross-grid replication.

The read-after-new-write (default) consistency control was improved to be more available. GET/HEAD requests for non-existent objects will succeed with up to one Storage Node offline at each site. Buckets are no longer required to be set to the Available consistency control for this scenario. For example, applications that check existence of an object before creation will properly function with read-after-new-write even during software upgrade when one Storage Node is offline.

A new maintenance procedure lets you change the display names that are shown throughout the Grid Manager. You can update display names safely and whenever you need. See Rename grid, sites, and nodes.

The FabricPool and S3 setup wizard guides you through each step of configuring StorageGRID for use with ONTAP FabricPool or other S3 client application and produces a file you can use when entering required values in the other application. See Use FabricPool setup wizard and Use S3 setup wizard.

Related to this change, a banner is now displayed on the dashboard to remind new users to configure S3 endpoint domain names for S3 virtual-hosted-style requests and set up email notifications for alerts.

The Firewall control page enables you to manage the external access of ports on nodes in your grid, and to define host addresses and IP subnets that are allowed access to closed ports. The new page also includes the untrusted Client Network settings, which now allow you to select additional ports you want open when untrusted Client Network is configured. See Configure internal firewall.

You can now determine which protocols and ciphers are used to establish secure TLS connections with client applications and secure SSH connections to internal StorageGRID services. See Manage the TLS and SSH policy.

When configuring load balancer endpoints, you can now:

The improved ILM wizard makes it easier to specify filters, enter time periods and placements, and view retention diagrams. Erasure-coding profiles are created automatically when you select a storage pool and an EC scheme for a placement. For new StorageGRID 11.7 installations (not upgrades), a storage pool is automatically created for each site and the new 1 Copy Per Site default rule ensures that new multi-site installations will have site-loss protection by default. See Manage objects with ILM.

You can now configure custom dashboards for the Grid Manager. See View and manage the dashboard.

Storage volume restoration lets you restore object data if a storage volume fails. For StorageGRID 11.7, you can start volume restoration from Grid Manager in addition to the existing method of entering commands manually. Using Grid Manager is now the preferred method for restoring object data. See Restore object data using Grid Manager.

When you upgrade to StorageGRID 11.7, you can apply the latest 11.7 hotfix at the same time. The StorageGRID upgrade page shows the recommended upgrade path and links directly to the correct download pages. See Perform upgrade.

You can now select base 10 or base 2 units for the storage values displayed in the Grid Manager and Tenant Manager. Select the user drop-down in the upper right of the Grid Manager or Tenant Manager, then select User preferences.

You can now access SNMP-compliant MIB files from the Grid Manager using the SNMP agent page. See Access MIB files.

When you perform an expansion to add a new site or new Storage Nodes, you can now assign a custom storage grade to each new node. See Perform expansion.

Tenant accounts that have permission to use a grid federation connection can clone tenant groups, users, and S3 keys from one grid to another and use cross-grid replication to replicate bucket objects between two grids. See Clone tenant groups and users and Manage cross-grid replication.

Tenant Manager users can now delete all objects in a bucket, so the bucket can be deleted. See Delete objects in bucket.

Tenant Manager users can now enable and configure default retention when creating S3 Object Lock buckets. See Create an S3 bucket.

When specifying the S3 Object Lock settings for an object or the default retention settings for a bucket, you can now use governance mode. This retention mode allows users with special permission to bypass certain retention settings. See Use S3 Object Lock to retain objects and Use S3 REST API to configure S3 Object Lock.

When added as the group policy for an S3 tenant account, the sample policy helps mitigate ransomware attacks. It prevents older object versions from being permanently deleted. See Create groups for an S3 tenant.

The NewerNoncurrentVersions action in the bucket lifecycle configuration specifies the number of noncurrent versions retained in a versioned S3 bucket. This threshold overrides lifecycle rules provided by ILM. See How objects are deleted.

S3 SelectObjectContent now offers support for Parquet objects. In addition, you can now use S3 Select with Admin and Gateway load balancer endpoints that are bare metal nodes running a kernel with cgroup v2 enabled. See S3 SelectObjectContent.

The certificate subject field is now optional. If this field is left blank, the generated certificate uses the first domain name or IP address as the subject common name (CN). See Manage security certificates.

An audit message category was added for ILM operations and includes the IDEL, LKCU, and ORLM messages. This new category is set to Normal. See ILM operations audit messages.

In addition, new audit messages were added to support new 11.7 functionality:

The following new alerts were added for StorageGRID 11.7: