The Object Storage Service has been expanded to cover a functionality called Object Lock that is currently available as API functionality only. Object Lock prevents objects to be deleted by an administrator independent of the access rights granted (Compliancy mode). This functionality can be used to ensure objects are kept according to specific retention times to fulfill compliance requirements as well as protection against compromised accounts leading to e.g. ransomware attacks.
The functionality is given on a bucket level and the associated policy can be configured per bucket. The object lock is applied to newly uploaded objects within the bucket. The policy can be changed or deleted. But changes of the policy will not be applied to existing objects.
You will find the API specification within the documentation. The Object Lock functionality is already S3 compatible. In short we will update the S3 API specification as well.
We will inform you separately about the availability of the functionality in the DE-region.
In case of questions, please have a look at the dedicated community blog and post your questions within.