Configuring a WORM Policy

This operation enables you to configure a WORM policy for a bucket. Write Once Read Many (WORM) enables you to set a protection period during which data can be read but cannot be modified or deleted. After the protection period expires, you can read, modify, or delete data in the bucket.

Context

Write Once Read Many (WORM) enables you to set a protection period during which data can be read but cannot be modified or deleted. If a bucket has been configured with the HyperReplication feature, after the bucket is configured with a WORM policy, the policy takes effect for both the primary and secondary clusters of the bucket.

Prerequisites

WORM has been enabled. To check the enablement status, choose Settings > Object Service Settings > Basic Configuration.
You have obtained the access certificate and security certificate of an activated account.
A bucket has been created.

Precautions

After a WORM policy is configured, the system time and NTP server cannot be modified. Otherwise, the WORM clock is inaccurate.

Procedure

Choose Services > Object Service > Bucket.
Enter the access certificate and security certificate of the account and click Authenticate.
- You can also choose Service > Object Service > Account, click the name of the desired account, and click the Bucket tab.
- You can perform authentication on either of the Bucket or User tab page.
Click More on the right of the desired bucket and select Manage WORM.
The Manage WORM dialog box is displayed.
Click Add.
In the text box, modify the object name and protection period as required.
- Wildcard (*) matching is supported, that is, a protection period is set for all objects that match the wildcard. If wildcard (*) is not specified, a protection period is set for a single specific object.
- You cannot set multiple protection periods for the same object.
  For example, AB* contains all objects whose names start with AB, such as AB, ABC, and AB123. If you have set a protection period for AB*, you cannot set a protection period for any object whose name starts with AB. If you have set a protection period for an object whose name starts with AB, you cannot set a protection period for AB*.
- The WORM policy takes effect only for objects uploaded to the bucket after WORM is enabled.
After setting the object name and protection period, click to confirm the configuration.
(Optional) If you want to set the protection period for other objects, click Add.
Click Save to save the WORM policy of the bucket.
If you need to activate the WORM policy later, go to the page again to activate the WORM policy.
(Optional) Click Save and Activate to activate the WORM policy.
- If the WORM policy is not activated within 24 hours after it is configured, the WORM policy takes effect within 24 hours and gets invalid 24 hours later.
- If the WORM policy is not activated after it is configured, the WORM policy can be modified or deleted within 24 hours.
- After the WORM policy is activated, it cannot be modified or deleted.