Zum Inhalt springen
Produkte
Plattform
Developer Tools
Portal

FAQ

Zuletzt aktualisiert am

  • Allgemeine Informationen

    Sind Block Storage und Object Storage logisch und physisch getrennt?

    Ja, STACKIT Object Storage ist logisch und physisch von STACKIT Block Storage getrennt.

    Wie kann ich separate Rollen mit unterschiedlichen Rechten für meine Buckets verwenden?

    Mit unserem STACKIT Object Storage können derzeit alle Zugangsdaten innerhalb eines Projekts auf alle Buckets innerhalb eines Projekts zugreifen, sofern die Standard-Zugangsdatengruppe verwendet wird. Dies bietet maximale Flexibilität innerhalb eines Projekts.

    Wenn Sie eine andere Lösung benötigen, gibt es mehrere Optionen:

    • Sie können “Credentials Groups” innerhalb desselben Projekts verwenden und den Zugriff pro Gruppe einschränken.
    • Eine weitere Option wäre, hierfür ein weiteres Projekt zu erstellen.

  • Object Lock

    Can I enable Object Lock on an existing bucket?

    No. Object Lock can only be enabled at bucket creation time by passing objectLockEnabled=true. Existing buckets cannot be converted.

    Can I disable Object Lock on a bucket?

    No. Once Object Lock is enabled on a bucket, it cannot be disabled. The bucket will enforce Object Lock for its entire lifetime.

    What is the maximum retention period?

    The maximum retention period is 365 days.

    What is the difference between COMPLIANCE and GOVERNANCE mode?
    • COMPLIANCE: No one can delete, overwrite, or shorten the retention period on an object until it expires. This is the strictest mode and is suitable for regulatory requirements.
    • GOVERNANCE: Objects are protected, but users with the s3:BypassGovernanceRetention permission can modify or delete protected objects. This is useful for protection against accidental deletion while retaining administrative override capabilities.

    What happens when I remove the default retention from a bucket?

    Only future uploads are affected. Objects that were uploaded with a retention period keep their existing protection. Object Lock itself remains active on the bucket.

    What happens when I disable the Compliance Lock on a project?

    The Compliance Lock can only be disabled if no buckets with Object Lock exist in the project. Since Object Lock cannot be removed from an existing bucket, you must delete all Object Lock-enabled buckets before you can disable the Compliance Lock. The API returns HTTP 409 Conflict if Object Lock-enabled buckets still exist.

    Buckets without Object Lock are not affected and do not need to be deleted. Once the Compliance Lock is disabled, you cannot create new buckets with Object Lock until the Compliance Lock is re-enabled.

    Does the default retention override per-object retention?

    No. If you upload an object with an explicit retention setting, that setting takes precedence over the bucket default. The default retention only applies to objects that are uploaded without an explicit retention setting.

    What S3 operations are available for Object Lock?

    The following S3-compatible API operations are supported on buckets with Object Lock enabled:

    OperationDescription
    PutObjectRetentionSet or extend retention on an object
    GetObjectRetentionGet the retention settings of an object
    PutObjectLegalHoldEnable or disable Legal Hold on an object
    GetObjectLegalHoldCheck Legal Hold status of an object
    GetObjectLockConfigurationGet the Object Lock configuration of a bucket