Working with buckets
Buckets in
VMware Cloud Director Object Storage Extension
represent containers to which you upload
files.To store your data in
VMware Cloud Director Object Storage Extension
, you work with buckets and objects. Buckets are containers
for objects. Objects are documents and files that you store in the buckets.You create a bucket and then upload the
objects to that bucket. When you no longer need a bucket, you can delete it.
Depending on your role, you can perform different
operations with buckets.
As an … | You can … |
|---|---|
organization user | create, edit, share, empty, and delete your own buckets. |
organization administrator | create, edit, share, empty, and delete all buckets within your
organization. |
For each bucket, you can activate versioning. Versioning is a means of keeping multiple
versions of an object in the same bucket. You use versioning to preserve, retrieve, and
restore every version of every object stored in your buckets. With versioning, you can
easily recover from both unintended user actions and application failures. You activate
and deactivate versioning at the bucket level. You can activate or deactivate versioning
during the creation of a bucket, or you can edit the versioning configuration later. By
default, versioning is inactive. When you create a bucket, you can optionally activate
the object lock feature. If the feature is active, versioning for the bucket is also
active. If the object lock feature is active for a bucket, you cannot deactivate
versioning for the bucket.
To protect an object version from accidental
or malicious deletion, activate the object lock feature and set a retention policy when
you create a bucket. If you do not activate the object lock feature during the creation
of a bucket, you cannot activate the feature for this bucket later. There are three
retention modes you can select from:
Retention Mode | Description |
|---|---|
Governance Mode | A user with specific permissions can preview the retention
policy. |
Compliance Mode | The retention policy is not displayed to any user. |
No Retention | Does not require the selection of a retention period. If you
select this option, you can define the retention period
later. |
To categorize your buckets, you use the
object tagging feature and assign tags to individual objects. A tag represents a
key-value pair.
You can set a default bucket encryption so that all
objects are encrypted when they are stored in the bucket. By default,
VMware Cloud Director Object Storage Extension
does not enforce any bucket-level encryption.
You can define an encryption method at the bucket level. If both server-side encryption
and bucket encryption are configured, the bucket encryption configuration takes
precedence. If you enforce an object-level encryption through the VMware Cloud Director Object Storage Extension
API, the
object-level encryption takes precedence over the bucket encryption configuration.
Encryption Method | Description |
|---|---|
SSE-C | Use this option, if the organization
administrator wants to manage their own
encryption algorithms and primary keys. If you select this
encryption type, you must select the encryption algorithm and
specify or generate an encryption key.If a bucket is configured with SSE-C encryption, this bucket cannot be configured for
replication. If a bucket is configured for replication, this
bucket cannot be configured with SSE-C encryption. |
SSE-S3 | A server-side encryption method that uses an AES-256 algorithm.
An S3 server manages the primary keys. |
None | By default, VMware Cloud Director Object Storage Extension does not enforce bucket-level
encryption. |