Object Lock

In SCS3, Object Lock is a feature that prevents objects from being deleted for a specified period or indefinitely. This feature is critical for meeting regulatory compliance requirements, ensuring that data is immutable for a specific time or until a certain event occurs.

Object Lock provides two primary methods for managing the retention of objects:

  • Retention periods.
  • Legal holds.

Each object version can be associated with either a retention period, a legal hold, or both.

Object Lock requires versioning to be enabled (see Enable Versioning) and locks a specific object version.

Important

A retention period or legal hold applies only to the specified object version.
It does not prevent the creation of new versions of the object or the addition of delete markers.

When you upload an object into a bucket that already has a protected object with the same key name, SCS3 generates a new version of that object. The existing version remains locked in accordance with its retention settings, ensuring that it is preserved and protected.

What is a Retention Period?

A retention period defines a specific duration during which an object version remains locked and cannot be deleted. A retention period can be defined in two ways:

  • As a default retention period for an entire SCS3 bucket. In such a case you need to specify the period in Days.
  • At the object level. In such a case you need to specify it using the RetainUntilDate parameter.

The default retention period will be applied to any object uploaded to the bucket, unless an object-specific retention period is specified while uploading.

Important

  • Uploading an object with a specific object-level retention period will override the bucket-level default retention period.
  • The default retention period is not retroactively applied if the object-level retention period is removed.

With the Object Lock feature, you have the capability to apply a legal hold to a specific object version. Similar to a retention period, a legal hold ensures that an object version cannot be deleted. However, unlike a retention period, a legal hold doesn't have a set duration; it remains in place until it is explicitly removed.

Legal holds function independently of retention periods. Adding a legal hold to an object version does not alter the retention mode or the duration of the retention period for that object.

For instance, consider a scenario where a legal hold is applied to an object version that is also under the protection of a retention period. If the retention period comes to an end, this object version still remains protected until the legal hold is manually lifted by an authorized user. Conversely, if you lift a legal hold while an object version is still within its retention period, the object will stay protected until the retention period concludes.

Example

For instance, imagine you have an object that is 20 days into a 40-day retention period, and you upload a new object to SCS3 with the same name and a 75-day retention period. In this scenario, your upload request is successful, and SCS3 creates a new version of the object with a 75-day retention period. The previous version retains its original retention period and becomes eligible for deletion in 20 days.

Once a retention setting is applied to an object version, you can extend the retention period. To do so, submit a new Object Lock request for the object version with an --object-lock-retain-until-date value later than the current one. SCS3 will update the existing retention period to reflect the new, longer duration.

Retention Modes

When configuring a retention period on an object or SCS3 bucket, you must choose between two retention modes: compliance or governance.

Compliance Mode

Once an object version is protected, it cannot be deleted by any user, including the bucket owner. When an object is locked under compliance mode, its retention mode cannot be changed and its retention period cannot be shortened or removed completely. This mode is designed to ensure that a particular version of an object remains intact and undeleted throughout the designated retention period.

Governance Mode

All users except the bucket owner are prevented from deleting an object version or changing its lock settings. Governance mode allows you to safeguard objects from deletion by most users while still providing the flexibility to modify retention settings or delete the objects if needed by the bucket owner. This mode is particularly useful for testing retention period settings before committing to a compliance-mode retention period.
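
The rules above (per-version locks, legal holds independent of retention, and the two retention modes) can be checked with a small model. This is an added example, not SCS3 code: the VersionLock class, both function names, the dates, and the choice of compliance mode for the 40-day/75-day scenario are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional


@dataclass
class VersionLock:
    """Lock state of one object version (illustrative model, not an SCS3 type)."""
    mode: Optional[str] = None               # "COMPLIANCE", "GOVERNANCE" or None
    retain_until: Optional[datetime] = None
    legal_hold: bool = False


def can_delete(lock: VersionLock, now: datetime, is_bucket_owner: bool):
    """Return (allowed, reason) for deleting this one version at time `now`."""
    # A legal hold has no duration and is independent of the retention period.
    if lock.legal_hold:
        return False, "legal hold"
    if lock.mode and lock.retain_until and now < lock.retain_until:
        # Governance mode leaves the bucket owner able to delete.
        if lock.mode == "GOVERNANCE" and is_bucket_owner:
            return True, "governance, bucket owner"
        return False, "retention active"
    return True, "not locked"


def owner_can_set_retain_until(lock: VersionLock, new_date: datetime) -> bool:
    """Can the bucket owner replace the retain-until date with `new_date`?"""
    if lock.retain_until is None or new_date > lock.retain_until:
        return True                           # a later date extends the lock
    return lock.mode == "GOVERNANCE"          # compliance can never be shortened


# Constructed timeline matching the page's example: v1 is 20 days into a
# 40-day period when v2 is uploaded under the same key with 75 days.
T0 = datetime(2024, 1, 1, tzinfo=timezone.utc)
NOW = T0 + timedelta(days=20)
v1 = VersionLock("COMPLIANCE", T0 + timedelta(days=40))   # mode is an assumption
v2 = VersionLock("COMPLIANCE", NOW + timedelta(days=75))

if __name__ == "__main__":
    for name, lock in (("v1", v1), ("v2", v2)):
        for day in (20, 41, 96):
            print(name, "day", day, can_delete(lock, T0 + timedelta(days=day), True))
```

Run directly, it prints the delete decision for each version on days 20, 41 and 96 of the timeline, showing that v1 becomes deletable while v2 stays locked.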