The Object Storage Service in the EU-DE region now also includes the Object Lock functionality. This can already be triggered via the API. We are also working hard on a solution for the console/GUI. Object Lock prevents the deletion or modification of objects by an administrator regardless of the configured access rights (compliance mode). This function can be used for different use cases. For example, it can be used to ensure that objects fulfil certain retention periods and are not removed or modified during the retention period. Object Lock can also be used as a protection mechanism against ransomware attacks by compromised user accounts.
The Object Lock functionality can be configured at bucket level and is applied to the entire bucket. However, the lock is only applied to newly uploaded objects. The object lock guidelines can be changed or removed in the bucket. However, this has no effect on objects that are already locked. The changes in the policy configuration are not applied to existing objects. This means that the object lock cannot be cancelled by changing the policy.
You will find the API specification within the documentation. The Object Lock functionality is already S3 compatible. In short we will update the S3 API specification as well.
In case of questions, please have a look at the dedicated community blog of the release in region NL and post your questions within.