How to Control Compliance settings with API calls

Compliance is a feature that prevents the deletion of any object until the specified retention period passes. It is possible to set and edit the Compliance settings via API calls. This can be done using an application (like Postman) or one of several scripts we have developed (shown below). As the Delete After Retention (DAR) feature was removed from the console, currently, the only way to disable DAR for customers who had enabled the feature is via API commands.

  1. POSTMAN
  2. .Net Script
  3. PYTHON

POSTMAN

Postman is an API platform for building and using APIs. If you have no previous experience with the application, we would recommend looking over the Getting Started part of the Postman guide. You will also need to create an account on the Postman system (these are free).

 

1) Click the "+" to start a new API request:

plus.png

2) Change the Request Type from "GET" to "PUT". In the Authorization tab, select "AWS Signature" from the dropdown:

auth.png

3) Input your account credentials (API key), ensure the authorization is added to your Request Headers and in the bucket region put the region of your bucket (under "Advanced" - we are using us-east-1 for this example).

Note that this example discusses the use of Wasabi's us-east-1 storage region. To use other Wasabi storage regions, please use the appropriate Wasabi service URL as described in this article

 

Ensure the "Service Name" is "s3":

authkeys.png

4) Now that the initial configuration for Postman is complete, we need to send the request to Wasabi via the API to disable DAR. Go to the "Request URL" bar in your request and enter the service URL for your bucket. For example, if I have a bucket named "compliance-test" in the us-east-1 region, my URL would be 'http://s3.wasabisys.com/compliance-test?compliance'. We then want to select the "Body" tab and select "Raw":

body.png

5) We then will input the flag to disable DAR by utilizing the following bit of XML:

<BucketComplianceConfiguration>

   <DeleteAfterRetention>false</DeleteAfterRetention>

</BucketComplianceConfiguration>

We will put this into our body request like so:

request.png

And click "Send".

6) If the authorization string is sent correctly, along with the correct service URL and XML data, you should get an empty response body with a 200 OK HTTP status code like so:

response.png

7) To confirm that these settings were taken and applied correctly, we can pull the current Compliance configuration by changing the request type to "GET" and removing all XML data from the body. Once you click "Send", it should give you an output with the entire Compliance Mode configuration, stating that DAR is set to "false":

confirmed.png

Further information on the API calls can be found in Wasabi API guide.

 

.Net Script

The Wasabi Support team has developed a .net script for this as well, the following steps should help you with the use of this:

  • Download and install .net for your system type - https://dotnet.microsoft.com/en-us/download
  • Download the script from here
  • The script is contained in a ZIP file, so extract it to your local machine
    • Open up Terminal
    • Navigate to the "Publishes" directory (i.e. cd /Wasabi.Compliance.DAR-master/Publishes
    • Execute the script by running the following: dotnet Compliance.dll
      • If you are using Windows, navigate to the "Publishes" folder and double-click on "Compliance.exe"
      • If you are using Mac OSX/Linux there are a few extra steps that will be the same for both systems:
    • As soon as the script is run it will display the list of available regions followed by promptsmceclip3.png
    • Follow the prompts one at a time (Access key, secret key, bucket name, region)mceclip4.png
    • Once the 4 variables listed above are entered, the script should toggle Delete After Retention (DAR) OFF, and confirm it for you in the output of the script text. The script will also give an option to run it again 

PYTHON

The instructions for the Python script can be found in the support article here

 

Have more questions? Submit a request