Skip to main content

Manage branch buckets

Contributors netapp-lhalbert netapp-perveilerk
PDFs

Use the Tenant Manager to create and view details for branch buckets.

Before you begin

  • You've signed in to the Tenant Manager using a supported web browser.

  • You belong to a user group that has the Root access or Manage all buckets permission. These permissions override the permissions settings in group or bucket policies.

  • The base bucket you want to create a branch from has versioning enabled.

  • You're the owner of the base bucket.

About this task

Note the following information for branch buckets:

  • Permissions to set S3 Object Lock properties of buckets or objects can be granted by bucket policy or group policy.

  • If you suspend versioning on the base bucket, the contents of the base bucket will no longer be visible in its branch buckets.

Caution After you configure and create a branch bucket, you can't change the configuration.

Create branch bucket

Steps

  1. Select View buckets from the dashboard, or select STORAGE (S3) > Buckets.

  2. Select the bucket you want to create a branch from (the "base bucket").

  3. On the bucket details page, select Branches > Create branch bucket.

    The Create branch bucket button is disabled if the base bucket doesn't have versioning enabled.

Enter details

Steps

  1. Enter details for the branch bucket.

    Field Description

    Branch bucket name

    A name for the branch bucket that complies with these rules:

    • Must be unique across each StorageGRID system (not just unique within the tenant account).

    • Must be DNS compliant.

    • Must contain at least 3 and no more than 63 characters.

    • Each label must start and end with a lowercase letter or a number and can only use lowercase letters, numbers, and hyphens.

    • Must not contain periods in virtual hosted style requests. Periods will cause problems with server wildcard certificate verification.

    For more information, see the Amazon Web Services (AWS) documentation on bucket naming rules.

    Note: You can't change the name after creating the branch bucket.

    Region (can't modify for branch buckets)

    The branch bucket's region.

    The branch bucket's region must match the region for the base bucket, so this field is disabled for branch buckets.

    Before time

    The cutoff time for object versions created in the base bucket to be accessible from the branch bucket. The branch bucket provides access to object versions created earlier than Before time.

    Before time must be a date and time that has passed. It can't be a future date.

    Branch bucket type

    • Read-write: You can add or delete objects or object versions in the branch bucket.

    • Read-only: You can't modify objects in the branch bucket.

    Note: You can set the branch bucket type to read-only only if the branch bucket is empty. If the type for an existing branch bucket is set to read-write and you haven't written to it, you can change the type to read-only.

  2. Select Continue.

Manage object settings (optional)

The object settings for a branch bucket don't affect the object versions in the base bucket.

Steps

  1. If the global S3 Object Lock setting is enabled, optionally enable S3 Object Lock for the branch bucket. To enable S3 Object Lock, the branch bucket must be a read-write bucket.

    Enable S3 Object Lock for a branch bucket only if you need to keep objects for a fixed amount of time, for example, to meet certain regulatory requirements. S3 Object Lock is a permanent setting that helps you prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.

    Caution After the S3 Object Lock setting is enabled for a bucket, it can't be disabled. Anyone with the correct permissions can add objects to the branch bucket that can't be changed. You might not be able to delete these objects or the branch bucket itself.

  2. If you selected Enable S3 Object Lock, optionally enable Default retention for the branch bucket.

    Note Your grid administrator must give you permission to use specific features of S3 Object Lock.

    When Default retention is enabled, new objects added to the branch bucket will be automatically protected from being deleted or overwritten. The Default retention setting does not apply to objects that have their own retention periods.

    1. If Default retention is enabled, specify a Default retention mode for the branch bucket.

      Default retention mode Description

      Governance

      • Users with the s3:BypassGovernanceRetention permission can use the x-amz-bypass-governance-retention: true request header to bypass retention settings.

      • These users can delete an object version before its retain-until-date is reached.

      • These users can increase, decrease, or remove an object's retain-until-date.

      Compliance

      • The object can't be deleted until its retain-until-date is reached.

      • The object's retain-until-date can be increased, but it can't be decreased.

      • The object's retain-until-date can't be removed until that date is reached.

      Note: Your grid administrator must allow you to use compliance mode.

    2. If Default retention is enabled, specify the Default retention period for the branch bucket.

      The Default retention period indicates how long new objects added to the branch bucket should be retained, starting from the time they are ingested. Specify a value that is less than or equal to the maximum retention period for the tenant, as set by the grid administrator.

      A maximum retention period, which can be a value from 1 day to 100 years, is set when the grid administrator creates the tenant. When you set a default retention period, it can't exceed the value set for the maximum retention period. If needed, ask your grid administrator to increase or decrease the maximum retention period.

  3. Optionally, select Enable capacity limit.

    Capacity limit is the maximum capacity available for the branch bucket. This value represents a logical amount (object size), not a physical amount (size on disk).

    If no limit is set, the capacity for the branch bucket is unlimited. Refer to Capacity limit usage for more information.

    Note This setting applies only to objects directly ingested into the branch bucket, and not to the objects that are visible from the base bucket through the branch bucket.

  4. Optionally, select Enable object count limit.

    Object count limit is the maximum number of objects the branch bucket can contain. This value represents a logical amount (object count). If no limit is set, the object count is unlimited.

    Note This setting applies only to objects directly ingested into the branch bucket, and not to the objects that are visible from the base bucket through the branch bucket.

  5. Select Create bucket.

    The branch bucket is created and added to the table on the Buckets page.

  6. Optionally, select Go to bucket details page to view branch bucket details and perform additional configuration.

    On the Bucket details page, some configuration options related to the modification of objects are disabled for read-only buckets.