PutObjectRetention - Amazon Simple Storage Service


Places an Object Retention configuration on an object. For more information, see Locking Objects. Users or accounts require the s3:PutObjectRetention permission in order to place an Object Retention configuration on objects. Bypassing a Governance Retention configuration requires the s3:BypassGovernanceRetention permission.

This action is not supported by Amazon S3 on Outposts.


When the Object Lock retention mode is set to compliance, you need s3:PutObjectRetention and s3:BypassGovernanceRetention permissions. For other requests to PutObjectRetention, only s3:PutObjectRetention permissions are required.

Request Syntax

PUT /{Key+}?retention&versionId=VersionId HTTP/1.1 Host: Bucket.s3.amazonaws.com x-amz-request-payer: RequestPayer x-amz-bypass-governance-retention: BypassGovernanceRetention Content-MD5: ContentMD5 x-amz-expected-bucket-owner: ExpectedBucketOwner <?xml version="1.0" encoding="UTF-8"?> <Retention xmlns="http://s3.amazonaws.com/doc/2006-03-01/"> <Mode>string</Mode> <RetainUntilDate>timestamp</RetainUntilDate> </Retention>

URI Request Parameters

The request uses the following URI parameters.


The bucket name that contains the object you want to apply this Object Retention configuration to.

When using this action with an access point, you must direct requests to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. When using this action with an access point through the AWS SDKs, you provide the access point ARN in place of the bucket name. For more information about access point ARNs, see Using access points in the Amazon S3 User Guide.

Required: Yes


The MD5 hash for the request body.

For requests made using the AWS Command Line Interface (CLI) or AWS SDKs, this field is calculated automatically.


The key name for the object that you want to apply this Object Retention configuration to.

Length Constraints: Minimum length of 1.

Required: Yes


The version ID for the object that you want to apply this Object Retention configuration to.


Indicates whether this action should bypass Governance-mode restrictions.


The account ID of the expected bucket owner. If the bucket is owned by a different account, the request will fail with an HTTP 403 (Access Denied) error.


Confirms that the requester knows that they will be charged for the request. Bucket owners need not specify this parameter in their requests. For information about downloading objects from requester pays buckets, see Downloading Objects in Requestor Pays Buckets in the Amazon S3 User Guide.

Valid Values: requester

Request Body

The request accepts the following data in XML format.


Root level tag for the Retention parameters.

Required: Yes


Indicates the Retention mode for the specified object.

Type: String


Required: No


The date on which this Object Lock Retention will expire.

Type: Timestamp

Required: No

Response Syntax

HTTP/1.1 200 x-amz-request-charged: RequestCharged

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The response returns the following HTTP headers.


If present, indicates that the requester was successfully charged for the request.

Valid Values: requester

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: