This topic describes how data replication works when it is used with versioning, lifecycle rules, server-side encryption, and retention policies. Data replication includes cross-region replication and same-region replication.
Use data replication with versioning
Take note of the following limits when you use data replication with versioning:
You can enable data replication only for two buckets that are both versioned or unversioned. The versioning state of the source bucket and the destination bucket cannot be changed.
Versioning cannot be suspended for the source bucket or destination bucket during data replication. To suspend versioning for the source bucket and destination bucket, you must first delete the data replication rules configured for the buckets.
The following table describes the results of operations performed by Object Storage Service (OSS) when an object is deleted from the versioned source bucket.
Request method | Operation | Result |
Send a DeleteObject request in which the version ID of the object is not specified. | Add/Change | A delete marker is created for the object in the source bucket and synchronized to the destination bucket. |
Add/Delete/Change | A delete marker is created for the object in the source bucket and synchronized to the destination bucket. | |
Send a DeleteObject request in which the version ID of the object is specified. | Add/Change | The deletion is not synchronized to the destination bucket. |
Add/Delete/Change | The deletion is synchronized to the destination bucket. |
Use data replication with lifecycle rules
When you use data replication with versioning, multiple previous object versions are synchronized to the destination bucket. This incurs additional storage costs. We recommend that you configure lifecycle rules for buckets to control storage costs and retain required data. For more information, see Lifecycle rules based on the last modification time.
Take note of the following items when you use data replication with lifecycle rules:
During data replication, only the operations performed based on the lifecycle rules but not the lifecycle rules are synchronized to the destination bucket. To apply the same lifecycle rules as the source bucket on the objects in the destination bucket, configure the same lifecycle rules for the destination bucket.
If a lifecycle rule is configured for the destination bucket, the creation time of an object replicated to the destination bucket is the time when the object is created in the source bucket but not the time when it is replicated to the destination bucket.
If an object is deleted from the source bucket based on a lifecycle rule while the object is being replicated to the destination bucket, the replication may continue, and the replicated object in the destination bucket is retained.
Use data replication with server-side encryption
You can replicate unencrypted objects and objects encrypted by using SSE-KMS and SSE-OSS within the same account. For more information, see Server-side encryption.
The following table describes the encryption status of the destination object when data replication is used with server-side encryption.
Encryption method of the source object | Encryption method of the destination bucket | Whether SSE-KMS is used to encrypt the destination object | Encryption method of the destination object |
Unencrypted | Unencrypted | N/A | Unencrypted |
SSE-OSS | N/A | SSE-OSS | |
SSE-KMS without a CMK ID specified | N/A | SSE-KMS without a CMK ID specified | |
SSE-KMS with a CMK ID specified | Yes A SyncRole and a CMK ID are configured. | SSE-KMS with a CMK ID specified | |
No | N/A. The source object cannot be replicated to the destination bucket. | ||
SSE-OSS | Unlimited | N/A | SSE-OSS |
SSE-KMS without a CMK ID specified | Unlimited | Yes A SyncRole and a CMK ID are configured. | SSE-KMS with a CMK ID specified |
No | SSE-KMS without a CMK ID specified | ||
SSE-KMS with a CMK ID specified | Unlimited | Yes A SyncRole and a CMK ID are configured. | SSE-KMS with a CMK ID specified |
No | N/A. The source object cannot be replicated to the destination bucket. |
Use data replication with retention policies
After a retention policy configured for a bucket is locked, you can read objects from or upload objects to the bucket. However, the objects in the bucket cannot be overwritten or deleted within the retention period.
For more information about retention policies, see Retention policy.
The following table describes whether the source object can be synchronized to the destination bucket when data replication is used with retention policies.
Whether the source object is within the retention period | Allowed operation in the source bucket | Whether the destination object is within the retention period | Whether the source object is synchronized to the destination bucket |
No | Create an object | Yes | No |
Overwrite an object | Yes | No | |
Delete an object | Yes | No | |
No | Create an object | No | Yes |
Overwrite an object | No | Yes | |
Delete an object | No | Yes | |
Yes | Create an object | N/A | Yes |