docs(s3): clarify AWS CLI v2.23+ workaround + restructure lifecycle/d…#308
Open
aelttil wants to merge 2 commits into
Open
docs(s3): clarify AWS CLI v2.23+ workaround + restructure lifecycle/d…#308aelttil wants to merge 2 commits into
aelttil wants to merge 2 commits into
Conversation
…eletion concepts
- quickstart.md: rewrite the AWS CLI section to explicitly mention the
v2.23.0+ default CRC64NVME issue on ECS-based storage. Sets both
request_checksum_calculation AND response_checksum_validation to
when_required (the latter was missing — downloads can also fail
without it). Restores the endpoint explanation that was removed.
- concepts.md: introduce "Gestion du cycle de vie et protection des
données" section that clearly separates two often-confused mechanisms:
* lifecycle policy → actively deletes objects after N days
* deletion protection → passively prevents deletion for N days
Adds a note explaining the difference with standard S3 Object Lock
(Cloud Temple's mechanism is bucket-level, doesn't require versioning).
- quickstart.md: move detailed concept explanations to concepts.md
(the quickstart stays action-focused) and link between the two pages.
Supersedes #304. Empirically tested on a CT S3 bucket:
- XAmzContentSHA256Mismatch reproduced without the fix
- both request_checksum_calculation and response_checksum_validation
validated end-to-end (upload + download)
Co-Authored-By: bquinsac <119865939+bquinsac@users.noreply.github.com>
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
…eality
Following review feedback on the previous draft of the lifecycle vs.
deletion protection section:
- Lifecycle: drop the inaccurate claim that ECS automatically deletes
expired objects. The Lifecycle Delete Scanner (LDS) is disabled by
default on ECS 3.2.1+, so actual deletion depends on platform-side
configuration. Adds an :::info note pointing users to support if
expiration doesn't take effect.
- Deletion protection: clarify that activation is NOT self-service —
it requires an explicit support request, and is contractually binding.
- Adds a :::danger block on irreversibility with explicit business
consequences:
* the configured duration cannot be shortened, even by Cloud Temple
* if a 99-year protection is set, the data is locked for 99 years
* if the customer stops using the service or terminates the contract,
the locked volume remains billable pro-rata until the period ends
* no bypass mechanism exists (shared SecNumCloud infrastructure)
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
…eletion concepts
quickstart.md: rewrite the AWS CLI section to explicitly mention the v2.23.0+ default CRC64NVME issue on ECS-based storage. Sets both request_checksum_calculation AND response_checksum_validation to when_required (the latter was missing — downloads can also fail without it). Restores the endpoint explanation that was removed.
concepts.md: introduce "Gestion du cycle de vie et protection des données" section that clearly separates two often-confused mechanisms:
quickstart.md: move detailed concept explanations to concepts.md (the quickstart stays action-focused) and link between the two pages.
Supersedes #304. Empirically tested on a CT S3 bucket: