S3 Object Lock tasks
As a grid administrator, you must coordinate closely with tenant users to ensure that the objects are protected in a manner that satisfies their retention requirements.
Applying tenant settings across the grid could take 15 minutes or longer based on network connectivity, node status, and Cassandra operations. |
The following lists for grid administrators and tenant users contain the high-level tasks for using the S3 Object Lock feature.
- Grid administrator
-
-
Enable global S3 Object Lock setting for entire StorageGRID system.
-
Ensure that information lifecycle management (ILM) policies are compliant; that is, they meet the requirements of buckets with S3 Object Lock enabled.
-
As needed, allow a tenant to use Compliance as the retention mode. Otherwise, only Governance mode is allowed.
-
As needed, set a maximum retention period for a tenant.
-
- Tenant user
-
-
Review considerations for buckets and objects with S3 Object Lock.
-
As needed, contact grid administrator to enable global S3 Object Lock setting and set permissions.
-
Create buckets with S3 Object Lock enabled.
-
Optionally, configure default retention settings for a bucket:
-
Default retention mode: Governance or Compliance, if allowed by the grid administrator.
-
Default retention period: Must be less than or equal to maximum retention period set by grid administrator.
-
-
Use the S3 client application to add objects and optionally set object-specific retention:
-
Retention mode. Governance or Compliance, if allowed by the grid administrator.
-
Retain Until Date: Must be less than or equal to what is allowed by the maximum retention period set by grid administrator.
-
-