Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ Object Storage Service/ OBS Buckets Have WORM Enabled

Updated on 2025-08-25 GMT+08:00

View PDF

OBS Buckets Have WORM Enabled

Rule Details

**Table 1** Rule details
Parameter	Description
Rule Name	obs-bucket-default-lock-enabled
Identifier	obs-bucket-default-lock-enabled
Description	If an OBS bucket does not have write-once-read-many (WORM) enabled, this bucket is noncompliant.
Tag	obs
Trigger Type	Configuration change
Filter Type	obs.buckets
Configure Rule Parameters	None

Applicable Scenario

In compliance mode, a WORM-protected object version cannot be overwritten or deleted by anyone, including the root user. For details, see Configuring WORM to Protect Objects from Being Overwritten or Deleted.

Solution

You can enable WORM for noncompliant OBS buckets based on Configuring WORM to Protect Objects from Being Overwritten or Deleted.

Rule Logic

If an OBS bucket has WORM enabled, this bucket is compliant.
If an OBS bucket does not have WORM enabled, this bucket is noncompliant.

Parent topic: Object Storage Service

Previous topic: OBS Buckets Have Lifecycle Management Enabled

Next topic: OBS Buckets Use Server-side Encryption with KMS-Managed Keys

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.