fb48ca5020
This feature implements [PUT Bucket object lock configuration][1] and [GET Bucket object lock configuration][2]. After object lock configuration is set, existing and new objects are set to WORM for specified duration. Currently Governance mode works exactly like Compliance mode. Fixes #8101 [1] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTObjectLockConfiguration.html [2] https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETObjectLockConfiguration.html |
||
|---|---|---|
| .. | ||
| README.md | ||
Object Lock and Immutablity 
MinIO server allows to set bucket level WORM which makes objects in the bucket immutable i.e. delete and overwrite are not allowed till stipulated time specified in the bucket's object lock configuration.
Get Started
1. Prerequisites
Install MinIO - MinIO Quickstart Guide.
2. Set per bucket WORM
WORM on a bucket is enabled by setting object lock configuration. This configuration is applied to existing and new objects in the bucket. Below is an example sets Governance mode and one day retention time from object creation time of all objects in mybucket.
$ awscli s3api put-object-lock-configuration --bucket mybucket --object-lock-configuration 'ObjectLockEnabled=\"Enabled\",Rule={DefaultRetention={Mode=\"GOVERNANCE\",Days=1}}'
3. Note
- When global WORM is enabled by
MINIO_WORMenvironment variable orwormfield in configuration file supersedes bucket level WORM andPUT object lock configurationREST API is disabled. - Currently Governance mode is treated as Compliance mode.
- Once object lock configuration is set to a bucket, existing and new objects are put in WORM mode.