Can you delete a bucket with object lock on it?

0

I created a bucket and applied lock on it, say Compliance lock. Can I delete the bucket?

Saurav
asked 13 days ago · 237 views
3 Answers
3

Hello. If you've applied a Compliance mode object lock to your S3 bucket, you can't delete it until the retention period for all objects expires. This is because Compliance mode locks objects completely, preventing any deletion until the specified time elapses. However, if you're using Governance mode, users might be able to delete objects before the retention period ends if they have the right permissions.

For more details, you can check out the AWS documentation on S3 Object Lock: https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html

answered 13 days ago
2

Hello.

If there are no objects in the S3 bucket, you can delete an S3 bucket that has compliance mode object lock set.
However, if even one object from an old version remains in S3, the S3 bucket cannot be deleted.
The object lock is to prevent objects in the bucket from being deleted, so if the bucket is empty, it can be deleted normally.
https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html

S3 Object Lock can help prevent Amazon S3 objects from being deleted or overwritten for a fixed amount of time or indefinitely. Object Lock uses a write-once-read-many (WORM) model to store objects. You can use Object Lock to help meet regulatory requirements that require WORM storage, or to add another layer of protection against object changes or deletion.

EXPERT
answered 13 days ago
0

Hi

Object lock depends on the specific mode of object lock enabled:

**Compliance mode:** In this mode, objects are completely locked and cannot be deleted by any user, including the root account, until the retention period expires. There is no way to bypass this restriction.

**Governance mode:** Objects can't be deleted by users unless they have specific permissions:

- `s3:BypassGovernanceRetention` permission: With this permission, users can delete objects before the retention period ends.
- `x-amz-bypass-governance-retention:true` header: Including this header in the DELETE request allows deletion before the retention period, but only for users with the necessary permissions.

EXPERT
GK
answered 13 days ago
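
The rules from the answers above, combined into a pre-flight check: the bucket can be deleted only once every object version is gone, and whether a version can be removed depends on its lock mode and retain-until date. This is an added example, not part of the original thread; the function name, input shapes and sample data are constructed for illustration, and in practice the inputs would come from listing the bucket's object versions and reading each version's retention settings.

```python
from datetime import datetime, timezone

UTC = timezone.utc

def plan_bucket_delete(versions, retention, now, can_bypass_governance=False):
    """Classify every object version as deletable now or blocking.

    versions:  list of {"Key", "VersionId"} dicts (all versions, old ones too)
    retention: {(key, version_id): {"Mode", "RetainUntilDate"}}; absent = no lock
    can_bypass_governance: caller holds s3:BypassGovernanceRetention and will
                           send x-amz-bypass-governance-retention:true
    Returns (deletable, blocked, earliest_empty); earliest_empty is when the
    last blocking lock expires, or None if the bucket can be emptied now.
    """
    deletable, blocked = [], []
    for v in versions:
        ident = (v["Key"], v["VersionId"])
        lock = retention.get(ident)
        if lock is None or lock["RetainUntilDate"] <= now:
            deletable.append(ident)        # no lock, or retention has expired
        elif lock["Mode"] == "GOVERNANCE" and can_bypass_governance:
            deletable.append(ident)        # allowed only with the bypass header
        else:
            # COMPLIANCE before expiry (nobody can delete), or GOVERNANCE
            # without the bypass permission.
            blocked.append((ident, lock["Mode"], lock["RetainUntilDate"]))
    earliest_empty = max((b[2] for b in blocked), default=None)
    return deletable, blocked, earliest_empty

# Constructed sample data: four versions across three keys.
NOW = datetime(2024, 6, 1, tzinfo=UTC)
VERSIONS = [
    {"Key": "logs/a.json", "VersionId": "v1"},
    {"Key": "logs/a.json", "VersionId": "v2"},
    {"Key": "logs/b.json", "VersionId": "v1"},
    {"Key": "tmp/c.txt", "VersionId": "v1"},
]
RETENTION = {
    ("logs/a.json", "v1"): {"Mode": "COMPLIANCE", "RetainUntilDate": datetime(2025, 1, 1, tzinfo=UTC)},
    ("logs/a.json", "v2"): {"Mode": "GOVERNANCE", "RetainUntilDate": datetime(2024, 9, 1, tzinfo=UTC)},
    ("logs/b.json", "v1"): {"Mode": "COMPLIANCE", "RetainUntilDate": datetime(2024, 1, 1, tzinfo=UTC)},
}

if __name__ == "__main__":
    ok, blocked, when = plan_bucket_delete(VERSIONS, RETENTION, NOW)
    print("deletable now:", ok)
    for ident, mode, until in blocked:
        print("blocked:", ident, mode, "until", until.isoformat())
    print("bucket can be emptied after:", when)
```
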
