Configuring a Default WORM Policy for a Bucket¶
Functions¶
This operation enables WORM for a bucket and allows you to configure the default WORM policy and a retention period.
With the bucket's default WORM policy, if you do not specify a WORM policy or a retention period when you upload an object to the bucket, the default policy will be automatically applied to the newly uploaded object. In an object-level WORM policy, a specific date is required to make the object protected before the date. In the default bucket-level WORM policy, a retention period is required, and the protection for an object starts when the object is uploaded to the bucket.
To perform this operation, you must have the PutBucketObjectLockConfiguration permission. The bucket owner can perform this operation by default and can grant this permission to others by using a bucket policy or a user policy.
Note
You can modify or even delete the default WORM policy of a bucket. The change applies only to the objects uploaded after the change, but not to those uploaded before.
During a multipart upload, the object parts uploaded are not protected before they are assembled. After object parts are assembled, the new object is protected by the default bucket-level WORM policy. You can also configure an object-level WORM policy for the new object.
You can also configure an object-level WORM policy when initializing a multipart upload or for an already assembled multipart object.
Other restrictions on the WORM retention configuration:
The WORM mode can only be COMPLIANCE.
The retention period can be set to 1 to 36500 days or 1 to 100 years.
Request Syntax¶
PUT /?object-lock HTTP/1.1
Host: bucketname.obs.region.example.com
Date: date
Authorization: authorization
Content-Type: application/xml
Content-Length: length
<ObjectLockConfiguration xmlns="http://obs.region.example.com/doc/2015-06-30/">
<ObjectLockEnabled>Enabled</ObjectLockEnabled>
<Rule>
<DefaultRetention>
<Days>integer</Days>
<Mode>COMPLIANCE</Mode>
<Years>integer</Years>
</DefaultRetention>
</Rule>
</ObjectLockConfiguration>
Request Parameters¶
This request contains no message parameters.
Request Headers¶
This request uses common headers. For details, see Table 3.
Request Elements¶
Element | Description | Mandatory |
|---|---|---|
ObjectLockConfiguration | Container for configuring WORM for a bucket. Type: container | Yes |
ObjectLockEnabled | Indicates whether the bucket has WORM enabled. The value can only be Enabled. Type: string Example: Enabled | No |
Rule | Rule container for the default bucket-level WORM policy. Type: container | This header is mandatory for configuring the default WORM policy for a bucket. If it is not contained, the existing default WORM policy will be deleted. |
DefaultRetention | Container for the default WORM retention policy for the bucket. Type: container | Mandatory if the Rule container is included. |
Mode | Default protection mode. It can only be set to COMPLIANCE now. Type: string Example: COMPLIANCE | Mandatory if the DefaultRetention container is included. |
Days | Default protection period, in days. The value is from 1 to 36500. Type: integer Example: 1 | If the DefaultRetention container is included, you must specify either Days or Years, but you cannot specify both at the same time. |
Years | Default protection period, in years. The value is from 1 to 100. In a leap year, only 365 days are calculated. Type: integer Example: 1 | If the DefaultRetention container is included, you must specify either Years or Days, but you cannot specify both at the same time. |
Response Syntax¶
HTTP/1.1 status_code
Date: date
Content-Length: length
Response Headers¶
This response uses common headers. For details, see Table 1.
Response Elements¶
This response contains no elements.
Error Responses¶
Table 2 describes possible special errors in this request.
Error Code | Description | HTTP Status Code |
|---|---|---|
InvalidRequest | The default object lock rule cannot be configured, because object lock is not enabled for this bucket. | 400 |
MalformedXML | Invalid format of the Object Lock configuration. The XML you provided was not well-formed or did not validate against our published schema. | 400 |
For other errors, see Table 2.
Sample Request 1¶
Configure the default bucket-level WORM policy with a retention period of 2 years.
PUT /?object-lock HTTP/1.1
Host: bucketname.obs.region.example.com
Date: WED, 01 Jul 2015 02:25:05 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:75/Y4Ng1izvzc1nTGxpMXTE6ynw=
Content-Type: application/xml
Content-Length: 157
<ObjectLockConfiguration xmlns="http://obs.region.example.com/doc/2015-06-30/">
<ObjectLockEnabled>Enabled</ObjectLockEnabled>
<Rule>
<DefaultRetention>
<Mode>COMPLIANCE</Mode>
<Years>2</Years>
</DefaultRetention>
</Rule>
</ObjectLockConfiguration>
Sample Response 1¶
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: BF260000016435CE298386946AE4C482
x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCT9W2tcvLmMJ+plfdopaD62S0npbaRUz
Date: WED, 01 Jul 2015 02:25:06 GMT
Content-Length: 0
Sample Request 2¶
Delete the configuration of the default bucket-level WORM policy.
PUT /?object-lock HTTP/1.1
Host: bucketname.obs.region.example.com
Date: WED, 01 Jul 2015 02:25:05 GMT
Authorization: OBS H4IPJX0TQTHTHEBQQCEC:75/Y4Ng1izvzc1nTGxpMXTE6ynw=
Content-Type: application/xml
Content-Length: 157
<ObjectLockConfiguration xmlns="http://obs.region.example.com/doc/2015-06-30/">
</ObjectLockConfiguration>
Sample Response 2¶
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: BF260000016435CE298386946AE4C482
x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCT9W2tcvLmMJ+plfdopaD62S0npbaRUz
Date: WED, 01 Jul 2015 02:25:06 GMT
Content-Length: 0