It would be helpful to be able to give someone permissions to upload/PUT new objects in object storage, but not modify/delete them. The Writer service access has 52 more granular permissions listed, but Writer allows objects and even buckets to be deleted. It would be helpful to set more granular permissions beneath that, for example allowing "cloud-object-storage.object.put" but not "cloud-object-storage.object.delete". Retention policies help in some scenarios, but aren't granular enough and can't be overridden by another user/service.
Do not place IBM confidential, company confidential, or personal information into any field.