S3 Object Lock Permissions

Content Platform Tenant Management Help

Version
9.7.x
File Size
4269 KB
Audience
anonymous
Part Number
MK-95HCPH002-19

S3 Object Lock permissions allow you to manage retention and legal hold settings for objects in your namespace. These permissions apply only to the S3 protocol. This list describes the available permissions and their associated operations.

BypassGovernanceRetention
  • Allows a user to override or remove governance mode retention settings for objects protected by S3 Object Lock.
  • With governance mode, you protect objects against being deleted by most users. However, you can still grant some users permission to alter the retention settings or delete the object.
GetBucketObjectLockConfiguration
Retrieves the Object Lock configuration details for a specified namespace. It shows if Object Lock is enabled for the namespace and, if enabled, whether a default retention mode and retention period are configured for the namespace.
GetObjectLegalHold
Retrieves the current legal hold status of the object. The response includes information about whether the specified object has a legal hold in place.
GetObjectRetention
Retrieves the retention settings including the information about the retention mode and retention period for the specified object.
PutBucketObjectLockConfiguration
Places an Object Lock configuration on a namespace. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified namespace. You cannot change the retention type of an existing namespace.
PutObjectLegalHold
Either applies or removes a legal hold configuration for a specified object. You must specify the namespace containing the object that you want to place or remove a legal hold on.
PutObjectRetention
Places an object retention configuration on a specified object. Retention settings allow you to specify a period during which an object cannot be deleted or overwritten.