S3 3

Question 1

Object Lock

What is Object Lock?

Answer 1

Lock an object so it can’t be deleted. Good for security controls.

Question 2

Object Lock

How do you apply it to an object?

Answer 2

Turn on only for new buckets.

Question 3

Object Lock

What about old buckets and Object Lock?

Answer 3

Have to create a support ticket to turn it on.

Question 4

Object Lock

What’s the side-effect to turning on Object Lock?

Answer 4

Bucket Versioning turns on too.

Question 5

Object Lock

What’s the WORM lock?

Answer 5

Write once, read many: can’t change it or delete it.

Question 6

Object Lock

What’s the Retention Period Lock?

Answer 6

Pick time, can’t alter the file until period over.

Question 7

Object Lock

What’s Legal Hold type of Object Lock?

Answer 7

Just an on/off setting. When on, can’t change or delete the object at all.

Question 8

Object Lock

How long can a Legal Hold lock be set to?

Answer 8

N/A, Legal Hold is just an on/off, no timeline.

Question 9

Object Lock

Can an object have both types of locks?

Answer 9

Yes

Question 10

Object Lock

How do you turn on Object Lock for a bucket?

Answer 10

Can’t: just like encryption. Can set a default, but each object is set differently.

Question 11

Object Lock

How long can a Retention Lock be?

Answer 11

Years

Question 12

Object Lock

Two types of Retention Locks?

Answer 12

Compliance and Governance

Question 13

Object Lock

Once set, what in a Compliance Lock can be changed?

Answer 13

Nothing (not duration, not type, it’s cast in stone).

Question 14

Object Lock

Can the account root user change a Compliance Lock?

Answer 14

No

Question 15

Object Lock

What’s different about Governance Locks?

Answer 15

Can use s3:BypassGovernanceRetention to change settings