Welcome to the upcoming version of the MinIO Documentation! The content on this page is under active development and may change at any time. If you can't find what you're looking for, check our legacy documentation. Thank you for your patience.

mc retention

Description

The mc retention command configures the Write-Once Read-Many (WORM) locking settings for an object or object(s) in a bucket. You can also set the default object lock settings for a bucket, where all objects without explicit object lock settings inherit the bucket default.

To lock an object under legal hold, use mc legalhold.

Note

Starting in version RELEASE.2020-09-18T00-13-21Z, mc retention fully replaces mc lock for setting the default object lock settings for a bucket.

Use mc retention set with the --default option to set the default object lock settings for a bucket.

Bucket Must Enable Object Locking

mc retention requires that the specified bucket has object locking enabled. You can only enable object locking at bucket creation. See mc mb --with-lock for documentation on creating buckets with object locking enabled.

Retention of Object Versions

For buckets with versioning enabled, mc retention by default operates on the latest version of the target object or object(s). mc retention includes specific options that when explicitly specified direct the command to operate on either a specific object version or all versions of an object:

To direct mc retention to operate on a specific version of an object, include the --version-id argument:

To direct mc retention to operate on all versions of an object, include the --versions argument:

Examples

Set Default Bucket Retention Settings

Use mc retention set with the --recursive and --default to set the default bucket retention settings.

mc retention set  --recursive --default MODE DURATION ALIAS/PATH
  • Replace MODE with the retention mode to enable. MinIO supports the AWS S3 retention modes governance and compliance.

  • Replace DURATION with the duration which the object lock should remain in effect. For example, to set a retention period of 30 days, specify 30d.

  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the bucket.

The bucket must have object locking enabled to use this command. You can only enable object locking when creating a bucket. See mc mb --with-lock for more information on creating buckets with object locking enabled.

Set Object Lock Configuration for Versioned Object

Use mc retention set with --version-id to apply the retention settings to a specific object version:

mc retention set --version-id VERSION MODE DURATION ALIAS/PATH
  • Replace VERSION with the version of the object.

  • Replace MODE with the retention mode to enable. MinIO supports the AWS S3 retention modes governance and compliance.

  • Replace DURATION with the duration which the object lock should remain in effect. For example, to set a retention period of 30 days, specify 30d.

  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the object.

Use mc retention set with --versions to apply the retention settings to a specific object version:

mc retention set --versions  MODE DURATION ALIAS/PATH
  • Replace MODE with the retention mode to enable. MinIO supports the AWS S3 retention modes governance and compliance.

  • Replace DURATION with the duration which the object lock should remain in effect. For example, to set a retention period of 30 days, specify 30d.

  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the object.

The bucket must have object locking enabled to use this command. You can only enable object locking when creating a bucket. See mc mb --with-lock for more information on creating buckets with object locking enabled.

Retrieve Object Lock Settings for an Object or Object(s)

mc retention info ALIAS/PATH
  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the object.

Use mc retention info with --recursive to retrieve the retention settings for all objects in a bucket:

mc retention info --recursive ALIAS/PATH
  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the bucket.

The bucket must have object locking enabled to use this command. You can only enable object locking when creating a bucket. See mc mb --with-lock for more information on creating buckets with object locking enabled.

Retrieve Default Object Lock Settings for a Bucket

Use mc retention info with --default to retrieve the default object lock settings for a bucket:

mc retention info --default ALIAS/PATH
  • Replace ALIAS with the

    alias of a configured S3-compatible host.

  • Replace PATH with the path to the bucket.

The bucket must have object locking enabled to use this command. You can only enable object locking when creating a bucket. See mc mb --with-lock for more information on creating buckets with object locking enabled.

Clear Object Lock Settings for an Object or Object(s)

mc retention clear ALIAS/PATH
  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the object.

Use mc retention clear with --recursive to clear the retention settings from all objects in a bucket:

mc retention clear --recursive ALIAS/PATH
  • Replace ALIAS with the alias of a configured S3-compatible host.

  • Replace PATH with the path to the bucket.

The bucket must have object locking enabled to use this command. You can only enable object locking when creating a bucket. See mc mb --with-lock for more information on creating buckets with object locking enabled.

Syntax

mc retention set

Sets the object lock settings for the specified TARGET object.

mc retention set has the following syntax:

mc retention set [FLAGS] MODE VALIDITY TARGET

mc retention set supports the following arguments:

MODE

Sets the locking mode for the TARGET. Specify one of the following supported values:

  • governance

  • compliance

See the AWS S3 documentation on Object Lock Overview for more information on the supported modes.

Requires specifying VALIDITY.

VALIDITY

The duration which objects remain in the specified MODE after creation.

  • For days, specify a string formatted as Nd. For example, 30d for 30 days after object creation.

  • For years, specify a string formatted as Ny. For example, 1y for 1 year after object creation.

TARGET

Required

The full path to the object or objects for which to set object lock configuration. Specify the alias of a configured S3-compatible service as the prefix to the TARGET bucket path. For example:

mc retention play/mybucket/object.txt MODE VALIDITY
  • If the TARGET specifies a bucket or bucket prefix, include --recursive to apply the object lock settings to the bucket contents.

  • If the TARGET bucket has versioning enabled, mc retention set by default applies to only the latest object version. Use --version-id or --versions to apply the object lock settings to a specific version or to all versions of the object.

--bypass

Allows a user with the s3:BypassGovernanceRetention permission to modify the object. Requires the governance retention MODE

--recursive, --r

Recursively applies the object lock settings to all objects in the specified TARGET path.

Mutually exclusive with --version-id.

--default

Sets the default object lock settings for the bucket specified to TARGET using the MODE and VALIDITY. Any objects created in the bucket inherit the default object lock settings unless explicitly overriden using mc retention set.

If specifying --default, mc retention set ignores all other flags.

Starting in RELEASE.2020-09-18T00-13-21Z, mc retention set --default replaces the functionality of the deprecated mc lock command.

--rewind

Directs mc retention set to operate only on the object version(s) that existed at specified point-in-time.

  • To rewind to a specific date in the past, specify the date as an ISO8601-formatted timestamp. For example: --rewind "2020.03.24T10:00".

  • To rewind a duration in time, specify the duration as a string in #d#hh#mm#ss format. For example: --rewind "1d2hh3mm4ss".

--rewind requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

--version-id, --vid

Directs mc retention set to operate only on the specified object version.

--version-id requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Mutually exclusive with any of the following flags:

--versions

Directs mc retention set to operate on all object versions that exist in the bucket.

--versions requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Use --versions and --rewind together to apply the retention settings to all object versions that existed at a specific point-in-time.

mc retention info

Returns the current object lock setting for the specified TARGET.

mc retention info has the following syntax:

mc retention info [ARGUMENTS] TARGET

mc retention info supports the following arguments:

TARGET

Required

The full path to the object for which to retreive the object lock configuration. Specify the alias of a configured S3-compatible service as the prefix to the TARGET bucket path. For example:

mc retention info play/mybucket/object.txt
  • If the TARGET specifies a bucket or bucket prefix, include --recursive to return the object lock settings for all objects in the bucket or bucket prefix.

  • If the TARGET bucket has versioning enabled, mc retention info by default applies to only the latest object version. Use --version-id or --versions to return the object lock settings for a specific version or for all versions of the object.

--recursive, --r

Recursively returns the object lock settings for all objects in the specified TARGET path.

Mutually exclusive with --version-id.

--default

Returns the default object lock settings for the bucket specified to TARGET.

If specifying --default, mc retention info ignores all other flags.

Starting in RELEASE.2020-09-18T00-13-21Z, mc retention info --default replaces the functionality of the deprecated mc lock command.

--rewind

Directs mc retention info to operate only on the object version(s) that existed at specified point-in-time.

  • To rewind to a specific date in the past, specify the date as an ISO8601-formatted timestamp. For example: --rewind "2020.03.24T10:00".

  • To rewind a duration in time, specify the duration as a string in #d#hh#mm#ss format. For example: --rewind "1d2hh3mm4ss".

--rewind requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

--version-id, --vid

Directs mc retention info to operate only on the specified object version.

--version-id requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Mutually exclusive with any of the following flags:

--versions

Directs mc retention info to operate on all object versions that exist in the bucket.

--versions requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Use --versions and --rewind together to retrieve the retention settings for all object versions that existed at a specific point-in-time.

mc retention clear

Clears the object lock setting for the specified TARGET.

mc retention clear has the following syntax:

mc retention clear [ARGUMENTS] TARGET

mc retention clear supports the following arguments:

TARGET

Required The full path to the object or objects for which to clear the object lock configuration. Specify the alias of a configured S3-compatible service as the prefix to the TARGET bucket path. For example:

mc retention clear play/mybucket/object.txt
  • If the TARGET specifies a bucket or bucket prefix, include --recursive to clear the object lock settings to the bucket contents.

  • If the TARGET bucket has versioning enabled, mc retention clear by default applies to only the latest object version. Use --version-id or --versions to clear the object lock settings for a specific version or for all versions of the object.

--recursive, --r

Recursively clears the object lock settings for all objects in the specified TARGET path.

Mutually exclusive with --version-id.

--default

Clears the default object lock settings for the bucket specified to TARGET.

If specifying --default, mc retention clear ignores all other flags.

Starting in RELEASE.2020-09-18T00-13-21Z, mc retention clear --default replaces the functionality of the deprecated mc lock command.

--rewind

Directs mc retention clear to operate only on the object version(s) that existed at specified point-in-time.

  • To rewind to a specific date in the past, specify the date as an ISO8601-formatted timestamp. For example: --rewind "2020.03.24T10:00".

  • To rewind a duration in time, specify the duration as a string in #d#hh#mm#ss format. For example: --rewind "1d2hh3mm4ss".

--rewind requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

--version-id, --vid

Directs mc retention clear to operate only on the specified object version.

--version-id requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Mutually exclusive with any of the following flags:

--versions

Directs mc retention clear to operate on all object versions that exist in the bucket.

--versions requires that the specified --TARGET be an S3-compatible service that supports Bucket Versioning. For MinIO deployments, use mc version to enable or disable bucket versioning.

Use --versions and --rewind together to remove the retention settings from all object versions that existed at a specific point-in-time.