Overview of WORM-enabled Views
You can configure a view in a VAST Cluster to be Write Once Read Many (WORM) enabled. Once configured, files and objects that are saved to the view can be locked. When they are locked, they can be read, but not modified or deleted. You can also use the view to save files and objects without locking them, for normal read/write activity. You can set a retention period for objects and files saved in the view. This is the time during which the files or objects are locked for read only, and after which they can be removed. The retention period can be minutes, days, months, or years.
You can create WORM-enabled views on a VAST Cluster for SMB, NFSv3, and S3 protocols.
WORM-enabled views use an external NTP time source to determine true time. Time drift is monitored; if drift is detected, views are locked against expiry and deletion (release only by VD personnel). See ??? for details about configuring an NTP time source for the VAST Cluster.
Retention Periods for Locked Files and Objects
The Retention Period is the period of time a file or object is locked in a WORM-enabled view.
You can set this time explicitly, when the file or object is created in the view (this is described below, in Locking a File Manually and Locking Objects in S3 Buckets).
You can also set and apply Default Retention Settings, which are applied if an explicit retention time is not set.
Default Retention Settings
You can define default retention settings that apply to WORM-enabled views. If set, these settings can be applied to files and objects that are saved to the view, if an explicit retention time is not set for the file or object when it is saved in the view.
Minimum Retention Period. The minimum retention period for a file or object, once it is locked. If this is set, you cannot lock an object or file for less than this time, whether using an explicit retention time for the file or object, or the Default Retention Period.
If you set this, you must also set the Maximum Retention Period and the Default Retention Period.
Set it in minutes (m), hours (h), days (d), or years (y). Example: 5m.
Maximum Retention Period. The maximum retention period for a file or object, once it is locked. If this is set, you cannot lock an object or file for more than this time, whether using an explicit retention time for file or object, or the Default Retention Period. Example: 10d.
If you set this, you must also set the Minimum Retention Period and the Default Retention Period.
Set it in minutes (m), hours (h), days (d), or years (y). Example: 5m.
Default Retention Period. This is the period of time a file is locked if an explicit retention period is not set for the file.
This setting can be set without the Minimum Retention Period and Maximum Retention Period.
Set it in minutes (m), hours (h), days (d), or years (y). Example: 5m.
Auto-commit Locking of Files for NFSv3 and SMB
In addition, for NFSv3 and SMB views you can set an auto-commit period to automatically lock files that are saved to the view.
Auto-commit period. If this is set, files are automatically locked after the auto-commit period elapses from the time the file is last modified.
If you set this, you must also set the Default Retention Period.
Set it in minutes (m), hours (h), days (d), or years (y). Example: 4m.
Retention Modes for WORM-enabled Views
The Retention Mode determines how the retention period for locked files or objects in the view can be changed. This applies to WORM-enabled views for all protocols (NFSv3, SMB, and S3).
Governance. In this mode, the retention period for locked files or objects can be lengthened or shortened after the file or object is locked, or completely removed.
Compliance. In this mode the retention period for locked files or objects can be extended after the file or object is locked, but not shortened.
For NFSv3 and SMB views, you must set the Retention Mode when the view is enabled for WORM. The mode can be changed after WORM is enabled, but the changes will only apply to files that are created after the change.
For S3 buckets, you can opt not to set the Retention Mode for the view and, instead, you can set the mode for each object individually when it is locked. If you do set it, it will be used as the default for all objects saved after the change.
Legal Hold
A Legal Hold locks the file or object in a WORM-enabled view indefinitely, until explicitly (and manually) removed. The legal hold is set and removed manually, using the VAST Web UI for NFSv3 and SMB views, and using the S3 API for S3 buckets.
Legal hold locks are independent of the Retention Modes, and can be used together with them. A file or object is locked if either a retention mode or legal hold is set for it in a view, and remains locked as long as one or the other continues to apply to it. It is unlocked only when the legal hold has been removed and, if a Retention Mode is in effect, the retention period has also expired.
Enabling WORM on Views
Enabling WORM on Views using the VAST Web UI
Create a new view in the same way as a regular view, following the steps in Create View. Select the protocols for the view (S3 cannot be selected together with NFSv3 or SMB), and associate an appropriate View Policy with the view.
In the Write Once Read Many tab, enable the switch Enable write once read many (WORM).
Note
You can only enable WORM on a new view. Once WORM is enabled for a view, it cannot be disabled.
Select the File Retention Mode (for NFSv3 and SMB) or S3 Retention Mode (for S3). For NFSv3 and SMB, you must select one of the modes; for S3, you can also select None (in which case the mode is set when an object is locked in the S3 bucket - see Locking Objects in S3 Buckets).
Optionally, set Retention Settings. These can also be set or modified later, after the view is created.
Click Create.
You can modify a WORM-enabled view, as you would modify a regular view, subject to the limitations discussed below in Use Limitations for WORM-enabled Views.
Enabling WORM on S3 Buckets using the S3 API
This table summarizes the actions to enable object locking on S3 buckets to configure them for WORM (locking) using the S3 API.
Once a bucket has WORM (locking) enabled, it cannot be disabled. Enabling locking also enables object versioning on the bucket.
Action | S3 API Operation | S3 Permission Required |
|---|---|---|
Enable object locking on a new bucket. | CreateBucket, and Include the | s3:PutBucketObjectLockConfiguration |
Enable object locking on an existing bucket and set a default retention period. | s3:PutBucketObjectLockConfiguration | |
Get the object locking configuration of a bucket. | s3:GetObjectLockConfiguration |
Enabling WORM on Views Using the VAST CLI
Use the view create and view modify commands to enable a view for WORM, and to set default retention settings.
In particular, use these options for S3 buckets:
--lockings to enable or disable WORM on an S3 bucket
--s3-locks-retention-mode to set the retention mode for a WORM-enabled S3 bucket
--default-retention-period to set the default retention for a WORM-enabled S3 bucket
Use these options for NFSv3 and SMB views:
--locking to enable or disable WORM on an NFSv3 or SMB view
--files-retention-mode to set the retention mode for a WORM-enabled NFSv3 or SMB view
--max-retention-period and --min-retention-period to set the default maximum and minimum retention periods for a WORM-enabled NFSv3 or SMB view
--auto-commit to set the auto-commit period for a WORM-enabled NFSv3 or SMB view
Locking Files in NFSv3 & SMB
You can lock files in NFSv3 and SMB WORM-enabled views in a number of ways.
Manually. Create or save a file in a view, and then manually lock it for an explicitly defined period of time, or for the default retention time.
Automatic. Create or save a file in a view; it is locked automatically for the default retention time.
Hold. Manually set a file to indefinite Hold.
Locking a File Manually
Lock a file manually by setting the atime
This locks a file by setting the atime of the file to a time in the future. Minimum and Maximum Retention Periods, if they are defined, are enforced. The Default Retention Period, if defined, is ignored.
Create or save the file in the view.
Set the atime of the file to the future time until which the file is to remain locked.
For example, for NFSv3 use this command to set the atime for a file to 5 days in the future:
touch -a -t $(date -d "5 days" +"%Y%m%d%H%M.%S") filename
For Windows (SMB), use this PowerShell command to set the atime for 5 days in the future:
(Get-Item "filename").LastAccessTime = (Get-Date).AddDays(5)
Or, use this command to set the atime to a specific time & date in the future:
Set-ItemProperty -Path x:\filename -Name LastAccessTime -Value 2024-07-05T11:30:00
The file is locked.
If the Maximum and Minimum Retention Periods are set, the retention time set by the atime must be between this minimum and maximum. If so, the file is locked for the retention time set by the atime. If not, the file is locked for either the minimum or maximum retention period.
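Because a lock cannot be undone early once it is in place, it helps to know which period the view will actually apply before touching the file. The following is an added example, not part of the VAST documentation or tooling: it applies the minimum/maximum rule described above to a requested period and then sets the atime. It assumes GNU date and touch and treats 1y as 365 days; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not VAST tooling. Assumes GNU date/touch and 1y = 365 days.

# Convert a period written as on this page (5m, 12h, 10d, 1y) to seconds.
period_to_seconds() {
  num=${1%[mhdy]}
  case "$num" in ''|0*|*[!0-9]*) echo "bad period: $1" >&2; return 1 ;; esac
  case "$1" in
    *m) echo $((num * 60)) ;;
    *h) echo $((num * 3600)) ;;
    *d) echo $((num * 86400)) ;;
    *y) echo $((num * 31536000)) ;;
    *)  echo "bad period: $1" >&2; return 1 ;;
  esac
}

# Print "<seconds> <source>" for an atime lock: the requested period, or the
# view's minimum/maximum when the request falls outside that range.
# Args: requested [minimum] [maximum]; pass "" for a limit that is not set.
effective_retention() {
  want=$(period_to_seconds "$1") || return 1
  src=requested
  if [ -n "${2:-}" ]; then
    lo=$(period_to_seconds "$2") || return 1
    if [ "$want" -lt "$lo" ]; then want=$lo; src=minimum; fi
  fi
  if [ -n "${3:-}" ]; then
    hi=$(period_to_seconds "$3") || return 1
    if [ "$want" -gt "$hi" ]; then want=$hi; src=maximum; fi
  fi
  echo "$want $src"
}

# Set FILE's atime to now + the effective period and print that epoch time.
# Warns first when the view's limits, not the request, decide the lock.
lock_file() {  # file requested [minimum] [maximum]
  plan=$(effective_retention "$2" "${3:-}" "${4:-}") || return 1
  if [ "${plan##* }" != requested ]; then
    echo "warning: $2 is outside the view's range; ${plan##* } applies" >&2
  fi
  until_epoch=$(( $(date +%s) + ${plan%% *} ))
  touch -a -d "@$until_epoch" "$1" && echo "$until_epoch"
}
```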
Lock a file manually by setting it to Read-Only
This locks a file by setting it to Read-Only. It is locked for the Default Retention Period, which must be defined (otherwise the action fails).
Create or save the file to the view.
Set the file to be Read-Only. The file is locked for the period of time set by the Default Retention Period.
For example, for NFSv3, use this command:
chmod 444 filename
For Windows (SMB), right-click on the file, select the General tab, and then select the Read-only attribute.
You can also use this command line action:
attrib +r "filename"
Note
If the Default Retention Period is not set, the action will fail, and an error will be displayed.
Examples where Default Retention Settings are Set
In these examples, the Minimum Retention Period is 5 days, and the Maximum Retention Period is 30 days. The Default Retention Period is 7 days.
Set atime for file, within the default retention range. A file is saved to the view, and the atime is set for 10 days in the future.
The file is locked for 10 days.
Set atime for file, outside the default retention range. A file is saved to the view, and the atime is set for 3 days in the future.
The file is locked for 5 days (the Minimum Retention Period).
Set atime for file, outside the default retention range. A file is saved to the view, and the atime is set for 1 year in the future.
The file is locked for 30 days (the Maximum Retention Period).
Set the file to Read-Only. The file is locked for 5 days (the Default Retention Period).
Examples where Default Retention Settings are Not Set
In these examples, no Default Retention Settings are defined for the view.
Set atime for file. A file is saved to the view, and the atime is set for 10 days in the future.
The file is locked for 10 days.
Set the file to Read-Only. A file is saved to the view. It is not locked.
Locking a File Automatically using Auto-commit
This locks a file automatically. It is locked after the auto-commit period elapses after it is last saved or updated (touched). It is locked for the Default Retention Period. Both the auto-commit period and the Default Retention Period must be defined for the view.
Lock a file automatically using auto-commit
Save the file in the view. If both auto-commit period and Default Retention Period are defined, the file will be locked after the auto-commit period elapses after it is last saved or updated (touched). It is locked for the Default Retention Period.
Note
If you set the file to Read-Only, it will be locked immediately, for the Default Retention Period.
Examples
Save a file, with Default Retention Settings and Auto-commit period defined. A file is saved to the view. It is automatically locked after the auto-commit period elapses from the time the file is last updated. It is locked for the Default Retention Period, after which it is unlocked.
Save a file, with Default Retention Settings, but Auto-commit not defined. A file is saved. It is not locked.
Locking a File with a Legal Hold
This locks the file indefinitely (until the hold is manually removed). This action ignores any default settings.
Lock a file with a Legal Hold in a WORM-enabled view
On the VAST Web UI, navigate to the Element Store page and select the Views tab. The view must be WORM-enabled.
Right-click on the view containing the file, and select Legal Hold.
Enter the path to the file, and then click Set. A legal hold is applied to the file.
Note
You cannot set a Legal Hold on a file that already has a Legal Hold set for it.
Remove a Legal Hold from a file
On the VAST Web UI, navigate to the Element Store page and select the Views tab.
Right-click on the view containing the file, and select Legal Hold.
Enter the path to the file, and then click Clear. The legal hold is removed from the file.
Example
To illustrate using a legal hold together with a retention period, suppose a file is locked for one week, and a legal hold is applied to it. If the legal hold is then removed during the week, the file continues to be locked, until the week elapses, after which it is unlocked. If, however, the legal hold is not removed, the file continues to be locked after the week elapses, until the legal hold is removed.
Locking Objects in S3 Buckets
You can manually lock an object in an S3 bucket using the S3 API. Default Retention Settings do not affect locking objects in S3 buckets.
Manually lock an object in an S3 bucket
Save the object to the bucket.
Set the retention time for the object using the PutObjectRetention API. This includes setting the retention mode and setting an explicit retention period (Retain Until Date) on the object. The explicit retention period overrides a default retention period set on the bucket.
Extend the retention time for an object locked in an S3 bucket
Save the object to the bucket.
Update the retention time using the PutObjectRetention API, including the revised Retain Until Date setting.
Lock an object with a Legal Hold in an S3 bucket
Save the object to the bucket.
Apply the Legal Hold to the object using the PutObjectLegalHold API.
Permissions Required for S3 Locking
This table lists the S3 permissions required to perform locking operations for objects on S3 buckets.
Operation | Required S3 Permission |
|---|---|
Set retention for an object | s3:PutObjectRetention |
Get retention details for an object | s3:GetObjectRetention |
Apply a Legal Hold to an object | s3:PutObjectLegalHold |
Get Legal Hold status for an object | s3:GetObjectLegalHold |
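To audit whether an S3 object is currently locked, both conditions from the Legal Hold section have to be checked: an unexpired Retain Until Date or a legal hold keeps the object locked. The following is an added example, not part of the VAST documentation or tooling: it reads both settings with the two Get permissions listed above. It assumes the AWS CLI v2 and GNU date, a placeholder endpoint URL, and that the endpoint reports a missing setting with the AWS-style NoSuchObjectLockConfiguration error; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not VAST tooling. Assumptions: AWS CLI v2, GNU date, a
# placeholder endpoint, and AWS-style NoSuchObjectLockConfiguration errors.
S3_ENDPOINT="${S3_ENDPOINT:-https://s3.vast.example.internal}"  # hypothetical

# Run one s3api Get call and print the --query result. Prints NONE when the
# object has no such setting; returns 1 on any other error (for example access
# denied) so a failed check is never reported as "unlocked".
s3_get() {  # operation bucket key query
  errf=$(mktemp) || return 1
  if out=$(aws s3api "$1" --endpoint-url "$S3_ENDPOINT" --bucket "$2" \
             --key "$3" --query "$4" --output text 2>"$errf"); then
    rm -f "$errf"; echo "$out"; return 0
  fi
  msg=$(cat "$errf"); rm -f "$errf"
  case "$msg" in
    *NoSuchObjectLockConfiguration*) echo NONE ;;
    *) echo "$1 failed: $msg" >&2; return 1 ;;
  esac
}

# Print locked-both, locked-retention, locked-hold or unlocked for an object.
# Needs s3:GetObjectRetention and s3:GetObjectLegalHold.
object_lock_state() {  # bucket key
  until_date=$(s3_get get-object-retention "$1" "$2" Retention.RetainUntilDate) || return 1
  hold=$(s3_get get-object-legal-hold "$1" "$2" LegalHold.Status) || return 1
  retained=no
  case "$until_date" in
    NONE|None|'') ;;
    *) expiry=$(date -u -d "$until_date" +%s) || return 1
       if [ "$expiry" -gt "$(date -u +%s)" ]; then retained=yes; fi ;;
  esac
  case "$retained:$hold" in
    yes:ON) echo locked-both ;;
    yes:*)  echo locked-retention ;;
    no:ON)  echo locked-hold ;;
    *)      echo unlocked ;;
  esac
}
```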
Use Limitations for WORM-enabled Views
These limitations apply to WORM-enabled views:
Disable WORM on a view. You cannot disable WORM for the view once it is enabled.
Changing protocols for the view. You can add additional protocols to a WORM-enabled view, but cannot remove a protocol. For example, if the view was for NFSv3, you can add SMB. You cannot remove either of these afterwards.
NFS/SMB and S3 protocols. You cannot configure a WORM-enabled view for NFSv3/SMB and S3 together.
Rename or update files. You cannot rename or write to files that have become unlocked in a WORM-enabled view. You can, however, delete them if they are unlocked. You also cannot add ACEs that grant write permissions to locked files or objects.
Delete empty views. You can delete a WORM-enabled view if all files and objects have been removed from it (this can only be done if they are unlocked). This means that all retentions must have elapsed, and any legal holds removed from files or objects in the view.
Permission repair. You cannot run bulk permission updates on WORM-enabled views.
Nested views. You cannot nest views under a WORM-enabled view. For example, if a WORM-enabled view is defined on /dir1, you cannot define another nested view (not necessarily WORM-enabled) on /dir1/dir2.
Listing WORM-enabled Views
You can see which views are configured as WORM-enabled in the Views page. The field WORM indicates whether the view is WORM-enabled. See Displaying Views.
Note
If the WORM field is not shown in the page, click
, and then select WORM as a field to display.
Disposition of WORM-enabled Views
Files are unlocked once their retention period elapses. They can then be deleted. They cannot be renamed or moved.
WORM cannot be disabled on the view once set, even if all files in it are unlocked and removed. An empty view (all files deleted) can, however, be removed (Remove in the VAST Web UI or view delete in the VAST CLI).