minio/docs/retention
Bala FA fb48ca5020 Add Get/Put Bucket Lock Configuration API support (#8120)
This feature implements [PUT Bucket object lock configuration][1] and
[GET Bucket object lock configuration][2]. After object lock
configuration is set, existing and new objects are set to WORM for
specified duration. Currently Governance mode works exactly like
Compliance mode.

Fixes #8101

[1] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTObjectLockConfiguration.html
[2] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETObjectLockConfiguration.html
2019-11-12 14:50:18 -08:00
..
README.md Add Get/Put Bucket Lock Configuration API support (#8120) 2019-11-12 14:50:18 -08:00

Object Lock and Immutablity Slack

MinIO server allows to set bucket level WORM which makes objects in the bucket immutable i.e. delete and overwrite are not allowed till stipulated time specified in the bucket's object lock configuration.

Get Started

1. Prerequisites

Install MinIO - MinIO Quickstart Guide.

2. Set per bucket WORM

WORM on a bucket is enabled by setting object lock configuration. This configuration is applied to existing and new objects in the bucket. Below is an example sets Governance mode and one day retention time from object creation time of all objects in mybucket.

$ awscli s3api put-object-lock-configuration --bucket mybucket --object-lock-configuration 'ObjectLockEnabled=\"Enabled\",Rule={DefaultRetention={Mode=\"GOVERNANCE\",Days=1}}'

3. Note

  • When global WORM is enabled by MINIO_WORM environment variable or worm field in configuration file supersedes bucket level WORM and PUT object lock configuration REST API is disabled.
  • Currently Governance mode is treated as Compliance mode.
  • Once object lock configuration is set to a bucket, existing and new objects are put in WORM mode.

Explore Further