Skip to main content

Enable S3 Object Lock globally

Contributors netapp-lhalbert
PDFs

If an S3 tenant account needs to comply with regulatory requirements when saving object data, you must enable S3 Object Lock for your entire StorageGRID system. Enabling the global S3 Object Lock setting allows any S3 tenant user to create and manage buckets and objects with S3 Object Lock.

Before you begin
About this task

A grid administrator must enable the global S3 Object Lock setting to allow tenant users to create new buckets that have S3 Object Lock enabled. After this setting is enabled, it can't be disabled.

Note The global Compliance setting is deprecated. If you enabled this setting using a previous version of StorageGRID, the S3 Object Lock setting is enabled automatically. You can continue to use StorageGRID to manage the settings of existing compliant buckets; however, you can't create new compliant buckets. For details, see NetApp Knowledge Base: How to manage legacy Compliant buckets in StorageGRID 11.5.
Steps

  1. Select CONFIGURATION > System > S3 Object Lock.

    The S3 Object Lock Settings page appears.

  2. Select Enable S3 Object Lock.

  3. Select Apply.

    A confirmation dialog box appears and reminds you that you can't disable S3 Object Lock after it is enabled.

  4. If you are sure you want to permanently enable S3 Object Lock for your entire system, select OK.

    When you select OK:

    • If the default rule in the active ILM policy is compliant, S3 Object Lock is now enabled for the entire grid and can't be disabled.

    • If the default rule is not compliant, an error appears. You must create and activate a new ILM policy that includes a compliant rule as its default rule. Select OK. Then, create a new policy, simulate it, and activate it. See Create ILM policy for instructions.