Bucket settings

To simplify access to the file system, a default group, and default permissions associated with the group, can be defined. For more information, see Default group.

If turned on, metadata keys that are used as the basis for indexing objects in the bucket can be defined. These keys must be specified at bucket creation time.

After the bucket is created, search can be turned off altogether, but the configured index keys cannot be changed.

The way the attribute is defined is described in Metadata search fields.

The ECS system behavior when accessing data in the bucket during a temporary site outage in a geo-federated setup.

If you turn this setting on, and a temporary site outage occurs, if you cannot access a bucket at the failed site where the bucket was created (owner site), you will be able to access a copy of the bucket at another site. Note that objects that you access in the buckets in the namespace might have been updated at the failed site, but changes might not have been propagated to the site from which you are accessing the object.

If you turn this setting off, data in the site which has the temporary outage is not available for access from other sites, and object reads for data that is owned by the failed site will fail. This is the default ECS system behavior to maintain strong consistency by continuing to allow access to data owned by accessible sites and preventing access to data owned by a failed site.

Read-Only option: Specifies whether a bucket with the ADO setting turned on is accessible as read-only or read-write during a temporary site outage. If you select the Read-Only option, the bucket is only accessible in read-only mode during the outage.

For more information, see TSO behavior with the ADO bucket setting turned on.

Server-side encryption, also known as Data At Rest Encryption or D@RE, encrypts data inline before storing it on ECS disks or drives. This encryption helps prevent sensitive data from being acquired from discarded or stolen media. If you turn encryption on when the bucket is created, this feature cannot be turned off later.

If the bucket's namespace is encrypted, then every bucket is encrypted. If the namespace is not encrypted, you can select encryption for individual buckets.

For a complete description of the feature, see the ECS Security Configuration Guide, available from the ECS Product Documentation page.

The storage space limit that is specified for the bucket. You can specify a storage limit for the bucket and define notification and access behavior when the quota is reached. The quota setting for a bucket cannot be less than 1 GiB. You can specify bucket quota settings in increments of GiB. You can select one of the following quota behavior options:

• Notification Only at <quota_limit_in_GiB> Soft quota setting at which you are notified.
• Block Access Only at <quota_limit_in_GiB> Hard quota setting which, when reached, prevents write/update access to the bucket.
• Block Access at <quota_limit_in_GiB> and Send Notification at <quota_limit_in_GiB> Hard quota setting which, when reached, prevents write/update access to the bucket and the quota setting at which you are notified.

For more information on bucket tagging, see Bucket tagging.

The expiration of a retention period on an object within a bucket is calculated when a request to modify an object is made and is based on the value set on the bucket and the objects themselves.

The retention period can be changed during the lifetime of the bucket.

You can find more information on retention and applying retention periods and policies in Retention periods and policies.