Configuring a Default WORM Policy for a Bucket
Functions
This operation enables WORM for a bucket and allows you to configure the default WORM policy and a retention period.
With the bucket's default WORM policy, if you do not specify a WORM policy or a retention period when you upload an object to the bucket, the default policy will be automatically applied to the newly uploaded object. In an object-level WORM policy, a specific date is required to make the object protected before the date. In the default bucket-level WORM policy, a retention period is required, and the protection for an object starts when the object is uploaded to the bucket.
To perform this operation, you must have the PutBucketObjectLockConfiguration permission. The bucket owner can perform this operation by default and can grant this permission to others by using a bucket policy or a user policy.
- You can modify or even delete the default WORM policy of a bucket. The change applies only to the objects uploaded after the change, but not to those uploaded before.
- During a multipart upload, the object parts uploaded are not protected before they are assembled. After object parts are assembled, the new object is protected by the default bucket-level WORM policy. You can also configure an object-level WORM policy for the new object.
Other restrictions on the WORM retention configuration:
- The WORM mode can only be COMPLIANCE.
- The retention period can be set to 1 to 36500 days or 1 to 100 years.
Request Syntax
PUT /?object-lock HTTP/1.1 Host: bucketname.obs.region.myhuaweicloud.com Date: date Authorization: authorization Content-Type: application/xml Content-Length: length <ObjectLockConfiguration xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/"> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Days>integer</Days> <Mode>COMPLIANCE</Mode> <Years>integer</Years> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Request Parameters
This request contains no message parameters.
Request Headers
This request uses common headers. For details, see Tabla 3.
Request Elements
Element |
Description |
Mandatory |
---|---|---|
ObjectLockConfiguration |
Container for configuring WORM for a bucket. Type: container |
Yes |
ObjectLockEnabled |
Indicates whether the bucket has WORM enabled. The value can only be Enabled. Type: string Example: Enabled |
No |
Rule |
Rule container for the default bucket-level WORM policy. Type: container |
This header is mandatory for configuring the default WORM policy for a bucket. If it is not contained, the existing default WORM policy will be deleted. |
DefaultRetention |
Container for the default WORM retention policy for the bucket. Type: container |
Mandatory if the Rule container is included. |
Mode |
Default protection mode. It can only be set to COMPLIANCE now. Type: string Example: COMPLIANCE |
Mandatory if the DefaultRetention container is included. |
Days |
Default protection period, in days. The value is from 1 to 36500. Type: integer Example: 1 |
If the DefaultRetention container is included, you must specify either Days or Years, but you cannot specify both at the same time. |
Years |
Default protection period, in years. The value is from 1 to 100. In a leap year, only 365 days are calculated. Type: integer Example: 1 |
If the DefaultRetention container is included, you must specify either Years or Days, but you cannot specify both at the same time. |
Response Syntax
HTTP/1.1 status_code Date: date Content-Length: length
Response Headers
This response uses common headers. For details, see Tabla 1.
Response Elements
This response contains no elements.
Error Responses
Tabla 2 describes possible special errors in this request.
Error Code |
Description |
HTTP Status Code |
---|---|---|
InvalidRequest |
The default object lock rule cannot be configured, because object lock is not enabled for this bucket. |
400 |
MalformedXML |
Invalid format of the Object Lock configuration. |
400 |
For other errors, see Tabla 2.
Sample Request 1
Configure the default bucket-level WORM policy with a retention period of 2 years.
PUT /?object-lock HTTP/1.1 Host: bucketname.obs.region.myhuaweicloud.com Date: WED, 01 Jul 2015 02:25:05 GMT Authorization: OBS H4IPJX0TQTHTHEBQQCEC:75/Y4Ng1izvzc1nTGxpMXTE6ynw= Content-Type: application/xml Content-Length: 157 <ObjectLockConfiguration xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/"> <ObjectLockEnabled>Enabled</ObjectLockEnabled> <Rule> <DefaultRetention> <Mode>COMPLIANCE</Mode> <Years>2</Years> </DefaultRetention> </Rule> </ObjectLockConfiguration>
Sample Response 1
HTTP/1.1 200 OK Server: OBS x-obs-request-id: BF260000016435CE298386946AE4C482 x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCT9W2tcvLmMJ+plfdopaD62S0npbaRUz Date: WED, 01 Jul 2015 02:25:06 GMT Content-Length: 0
Sample Request 2
Delete the configuration of the default bucket-level WORM policy.
PUT /?object-lock HTTP/1.1 Host: bucketname.obs.region.myhuaweicloud.com Date: WED, 01 Jul 2015 02:25:05 GMT Authorization: OBS H4IPJX0TQTHTHEBQQCEC:75/Y4Ng1izvzc1nTGxpMXTE6ynw= Content-Type: application/xml Content-Length: 157 <ObjectLockConfiguration xmlns="http://obs.region.myhuaweicloud.com/doc/2015-06-30/"> </ObjectLockConfiguration>
Sample Response 2
HTTP/1.1 200 OK Server: OBS x-obs-request-id: BF260000016435CE298386946AE4C482 x-obs-id-2: 32AAAQAAEAABSAAgAAEAABAAAQAAEAABCT9W2tcvLmMJ+plfdopaD62S0npbaRUz Date: WED, 01 Jul 2015 02:25:06 GMT Content-Length: 0