Add object retention at the per object (#8528)

level - this PR builds on #8120 which added PutBucketObjectLockConfiguration and GetBucketObjectLockConfiguration APIS This PR implements PutObjectRetention, GetObjectRetention API and enhances PUT and GET API operations to display governance metadata if permissions allow.
2025-11-25 20:16:10 -05:00 · 2019-11-20 13:18:09 -08:00
parent cc1a84b62e
commit ca96560d56
25 changed files with 826 additions and 194 deletions
--- a/pkg/event/name.go
+++ b/pkg/event/name.go
@@ -29,12 +29,14 @@ type Name int
 const (
 	ObjectAccessedAll Name = 1 + iota
 	ObjectAccessedGet
+	ObjectAccessedGetRetention
 	ObjectAccessedHead
 	ObjectCreatedAll
 	ObjectCreatedCompleteMultipartUpload
 	ObjectCreatedCopy
 	ObjectCreatedPost
 	ObjectCreatedPut
+	ObjectCreatedPutRetention
 	ObjectRemovedAll
 	ObjectRemovedDelete
 )
@@ -43,9 +45,9 @@ const (
 func (name Name) Expand() []Name {
 	switch name {
 	case ObjectAccessedAll:
-		return []Name{ObjectAccessedGet, ObjectAccessedHead}
+		return []Name{ObjectAccessedGet, ObjectAccessedHead, ObjectAccessedGetRetention}
 	case ObjectCreatedAll:
-		return []Name{ObjectCreatedCompleteMultipartUpload, ObjectCreatedCopy, ObjectCreatedPost, ObjectCreatedPut}
+		return []Name{ObjectCreatedCompleteMultipartUpload, ObjectCreatedCopy, ObjectCreatedPost, ObjectCreatedPut, ObjectCreatedPutRetention}
 	case ObjectRemovedAll:
 		return []Name{ObjectRemovedDelete}
 	default:
@@ -60,6 +62,8 @@ func (name Name) String() string {
 		return "s3:ObjectAccessed:*"
 	case ObjectAccessedGet:
 		return "s3:ObjectAccessed:Get"
+	case ObjectAccessedGetRetention:
+		return "s3:ObjectAccessed:GetRetention"
 	case ObjectAccessedHead:
 		return "s3:ObjectAccessed:Head"
 	case ObjectCreatedAll:
@@ -72,6 +76,8 @@ func (name Name) String() string {
 		return "s3:ObjectCreated:Post"
 	case ObjectCreatedPut:
 		return "s3:ObjectCreated:Put"
+	case ObjectCreatedPutRetention:
+		return "s3:ObjectAccessed:PutRetention"
 	case ObjectRemovedAll:
 		return "s3:ObjectRemoved:*"
 	case ObjectRemovedDelete:
@@ -130,6 +136,8 @@ func ParseName(s string) (Name, error) {
 		return ObjectAccessedAll, nil
 	case "s3:ObjectAccessed:Get":
 		return ObjectAccessedGet, nil
+	case "s3:ObjectAccessed:GetRetention":
+		return ObjectAccessedGetRetention, nil
 	case "s3:ObjectAccessed:Head":
 		return ObjectAccessedHead, nil
 	case "s3:ObjectCreated:*":
@@ -142,6 +150,8 @@ func ParseName(s string) (Name, error) {
 		return ObjectCreatedPost, nil
 	case "s3:ObjectCreated:Put":
 		return ObjectCreatedPut, nil
+	case "s3:ObjectCreated:PutRetention":
+		return ObjectCreatedPutRetention, nil
 	case "s3:ObjectRemoved:*":
 		return ObjectRemovedAll, nil
 	case "s3:ObjectRemoved:Delete":