You are here

Working with Amazon S3 WORM

You can use the Amazon S3 WORM storage by creating a Rule and an Action in Alfresco Governance Services.

WORM storage (Object Lock in Amazon S3) is an Amazon S3 capability that allows you to store objects using the write once, read many (WORM) model. Records moved to WORM storage use an Amazon S3 bucket that is configured to support object locking in compliance mode. The movement of records is controlled through record folder rules and actions. You use the WORM model where it is a requirement that your data is not changed once it has been written to disk. This may be a requirement of yours due to regulatory compliance in the governmental, financial or healthcare sectors.

The movement of records to WORM storage and through to disposition can be fully automated. A folder rule is configured to test records for the classification that requires WORM storage. This may be based on when a records enters a folder or complex meta data conditions. When triggered the rule causes the Object Lock action to be initiated in Amazon S3. This action is configured with the required WORM retention period in days. For records that are moved to WORM locked storage any retention schedules that may have been applied are interrupted. At the end of the required retention period in WORM storage the records are automatically returned to the original default S3 bucket to allow normal record operations to re-commence, including the application of retention schedules and disposition.

While retained in WORM storage additional controls are applied to prevent any user including administrators from deleting the records. Adding records to one or more legal holds during the WORM storage retention period causes the Amazon S3 legal hold flag to be set on the record in Amazon S3. This prevents deletion or editing of the record in Amazon S3 even if the WORM retention period has expired. Once the record has been removed from all legal holds it was added to the legal hold flag is cleared and the record can be removed from the WORM bucket once the retention period has expired.

There is some configuration required before you can use this feature, for more see Creating a bucket in Amazon S3 for use as WORM storage.

Once you have created the bucket in Amazon S3 for use as Worm storage you can use it as storage, for more see Using WORM storage with AGS.

Although the content of a WORM-locked record will be protected against modifications, any copies of WORM-locked records in other record folders will be stored using the rules for that folder. Consequently, copies of records may not be protected by the same restrictions.

You are unable to reject a Record that is stored in WORM storage and you can't move Records that are stored in WORM storage.

Sending feedback to the Alfresco documentation team

You don't appear to have JavaScript enabled in your browser. With JavaScript enabled, you can provide feedback to us using our simple form. Here are some instructions on how to enable JavaScript in your web browser.