Open ravindk89 opened 4 months ago
Note: Both of the above really require that no client application interfaces with the remote data. If someone goes in to delete transitioned objects, and no locking/versioning protections are in place, that data is toast.
The 'easy' path here is to emphasize in our docs section on exclusive access that users should use policy controls to DENY access to that bucket to anything outside of MinIO or admin/superadmin accounts.
https://min.io/docs/minio/linux/administration/object-management/object-lifecycle-management.html
A few things:
We do not require the remote bucket implement Object Locking, even if the source has it
We do not require the remote bucket to implement Versioning (and in fact that might be an antipattern)
[x] We can likely add those as a single H2 and call this done.
[ ] That said we might also explore a light re-arch here as a stretch goal:
Or something - would slightly improve the findability of data. Discuss first.