Stay organized with collections
Save and categorize content based on your preferences.
This page shows you how to set retention periods for Google Distributed Cloud (GDC) air-gapped storage buckets.
Before you begin
A project namespace manages bucket resources in the Management API server. You
must have a project to work with buckets and objects.
You must also have the appropriate bucket permissions to perform the following
operation. See Grant bucket access.
Set a bucket retention period
Console
In the navigation menu, click Object Storage.
Click the name of the bucket that you want to update.
Click the Configuration tab.
In the Security section, next to the Retention policy field, click editEdit.
Edit the number of days with a value higher than the existing number of days and click Save.
CLI
By default, you can delete objects at any time. You can enable object locking
with a retention period to prevent all objects in the bucket from deletion for
the specified number of days. You cannot delete a bucket until you
delete all objects after the retention period.
You must enable object locking when creating the bucket. You cannot enable or
disable object locking after you create a bucket. However, you can modify the
default object retention period.
You can create a bucket with or without enabling object locking. If you've
enabled object locking, specifying a default retention period is optional.
To modify the retention period, update the
Bucket.spec.buckePolicy.lockingPolicy.defaultObjectRetentionDays field in the
Bucket resource.
The following is an example of updating the field in the Bucket resource:
Any updates to the retention period apply to objects created in the bucket after
the update. For pre-existing objects, the retention period does not change.
When you've enabled object locking, if you attempt to overwrite an object, you add a new
version of the object. You can retrieve both object versions. To retrieve object versions, see List storage objects.
To create a write-once, read-many (WORM) bucket, refer to the
WORM Bucket section.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis guide outlines the process for setting retention periods for storage buckets in Google Distributed Cloud (GDC) air-gapped environments, emphasizing that a project namespace and appropriate bucket permissions are prerequisites.\u003c/p\u003e\n"],["\u003cp\u003eRetention periods, which prevent object deletion for a specified duration, can be modified via the console by navigating to the bucket's Configuration tab or via the CLI by updating the \u003ccode\u003eBucket.spec.bucketPolicy.lockingPolicy.defaultObjectRetentionDays\u003c/code\u003e field in the Bucket resource.\u003c/p\u003e\n"],["\u003cp\u003eObject locking must be enabled during bucket creation and cannot be enabled or disabled post-creation, although the default retention period can be modified afterward.\u003c/p\u003e\n"],["\u003cp\u003eUpdating the retention period only affects newly created objects, not those already present in the bucket.\u003c/p\u003e\n"],["\u003cp\u003eEnabling object locking and attempting to overwrite an object will result in a new version of the object being created, and both the existing and new object versions will be retrievable.\u003c/p\u003e\n"]]],[],null,["# Set storage bucket retention periods for projects\n\nThis page shows you how to set retention periods for Google Distributed Cloud (GDC) air-gapped storage buckets.\n\nBefore you begin\n----------------\n\nA project namespace manages bucket resources in the Management API server. You\nmust have a [project](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/project-management) to work with buckets and objects.\n\nYou must also have the appropriate bucket permissions to perform the following\noperation. See [Grant bucket access](/distributed-cloud/hosted/docs/latest/gdch/application/ao-user/grant-obtain-storage-access#grant_bucket_access).\n\nSet a bucket retention period\n-----------------------------\n\n### Console\n\n1. In the navigation menu, click **Object Storage**.\n2. Click the name of the bucket that you want to update.\n3. Click the **Configuration** tab.\n4. In the Security section, next to the **Retention policy** field, click edit **Edit**.\n5. Edit the number of days with a value higher than the existing number of days and click **Save**.\n\n### CLI\n\nBy default, you can delete objects at any time. You can enable object locking\nwith a retention period to prevent all objects in the bucket from deletion for\nthe specified number of days. You cannot delete a bucket until you\ndelete all objects after the retention period.\n\nYou must enable object locking when creating the bucket. You cannot enable or\ndisable object locking after you create a bucket. However, you can modify the\ndefault object retention period.\n\nYou can create a bucket with or without enabling object locking. If you've\nenabled object locking, specifying a default retention period is optional.\n\nTo modify the retention period, update the\n`Bucket.spec.buckePolicy.lockingPolicy.defaultObjectRetentionDays` field in the\n[Bucket resource](../../apis/storage-krm-api.md).\n\nThe following is an example of updating the field in the Bucket resource: \n\n apiVersion: object.gdc.goog/v1\n kind: Bucket\n metadata:\n name: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eBUCKET_NAME\u003c/span\u003e\u003c/var\u003e\n namespace: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eNAMESPACE_NAME\u003c/span\u003e\u003c/var\u003e\n spec:\n description: \"This bucket has a default retention period specified.\"\n storageClass: Standard\n bucketPolicy:\n lockingPolicy:\n defaultObjectRetentionDays: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eRETENTION_DAY_COUNT\u003c/span\u003e\u003c/var\u003e\n ----------\n apiVersion: object.gdc.goog/v1\n kind: Bucket\n metadata:\n name: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eBUCKET_NAME\u003c/span\u003e\u003c/var\u003e\n namespace: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eNAMESPACE_NAME\u003c/span\u003e\u003c/var\u003e\n spec:\n description: \"This would enable object locking but not specify a default retention period.\"\n storageClass: Standard\n bucketPolicy:\n lockingPolicy:\n ----------\n apiVersion: object.gdc.goog/v1\n kind: Bucket\n metadata:\n name: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eBUCKET_NAME\u003c/span\u003e\u003c/var\u003e\n namespace: \u003cvar translate=\"no\"\u003e\u003cspan class=\"devsite-syntax-l devsite-syntax-l-Scalar devsite-syntax-l-Scalar-Plain\"\u003eNAMESPACE_NAME\u003c/span\u003e\u003c/var\u003e\n spec:\n description: \"This bucket does not have locking or retention enabled.\"\n storageClass: Standard\n\nAny updates to the retention period apply to objects created in the bucket after\nthe update. For pre-existing objects, the retention period does not change.\n\nWhen you've enabled object locking, if you attempt to overwrite an object, you add a new\nversion of the object. You can retrieve both object versions. To retrieve object versions, see [List storage objects](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/list-storage-objects).\n\nTo create a write-once, read-many (WORM) bucket, refer to the\n[WORM Bucket](/distributed-cloud/hosted/docs/latest/gdch/platform/pa-user/create-storage-worm-buckets) section."]]
