Creating a bucket in Amazon S3 for use as WORM storage - Alfresco Governance Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Governance Services

Platform
Alfresco
Product
Alfresco Governance Services
Release
23.4
License

These steps describe how to use the AWS Management Console to create a bucket for use as WORM storage (Amazon S3 Object Lock) in Amazon S3. Once you have created the bucket you can create rules for a category or folder to store your data using WORM storage.

For more on creating rules, see Creating a rule.

Note: Ensure you have the required AWS login credentials before you begin.

This task assumes you have:

  • Installed Alfresco Content Services 7.0 and above. For more, see Supported Platforms.
  • Installed Alfresco Content Connector for AWS S3 3.1 and above with multiple bucket support enabled.
  • For more see Configuring multiple buckets using S3 Connector in the Alfresco Content Connector for AWS S3 documentation.
  • Set the following properties in the <TOMCAT_HOME>/shared/classes/alfresco-global.properties file:
    Property Description
    worm.contentstore ACS 23.2, S3 Connector 6.1.0 and above. This property is the key of the content store that has a WORM bucket.
    worm.retentionPeriod ACS 23.2, S3 Connector 6.1.0 and above. This property controls the default retention period. It is specified in days and the default value is 2192 which is six years.
    s3.worm.contentstore ACS versions older than 23.2, S3 Connector versions older than 6.1.0. This property is the key of the content store that has a WORM bucket.
    s3.worm.retentionPeriod ACS versions older than 23.2, S3 Connector versions older than 6.1.0. This property controls the default retention period. It is specified in days and the default value is 2192 which is six years.
    connector.s3.store2.retentionPeriodProperty This property passes the AGS property which stores the unlock date of an object to Content Connector for AWS S3. You must enter this value: {http://www.alfresco.org/model/recordsmanagemententerprise/1.0}wormUnlockDate.
    rm.wormUnlockRecords.cronExpression This cron expression is used to specify how often the unlock job should run in Governance Services. The default is 15 minutes.
  1. Log in to your AWS Management Console.
  2. Expand All services and under the Storage heading select S3.
  3. In the S3 buckets window, click Create bucket.
  4. Enter a name for the Bucket and select the required Region and then click Next.
  5. Under the Versioning heading, select Keep all versions of an object in the same bucket check box.

    To enable Object Lock you must select this check box.

  6. Expand Advanced Settings and under the Object Lock heading select Permanently allow objects in this bucket to be locked and click Next.
    Note: You must have Object Lock enabled in order to use Governance Services with WORM storage. For more on Object Lock see S3 Object Lock overview in the Alfresco Content Connector for AWS S3 documentation.
  7. Ensure Block all public access is selected and click Next.
  8. Click Create bucket.

    You are now back at the S3 buckets window.

  9. Select the check box next to the bucket you have just created and click Properties.
  10. Under the Advanced settings heading click the Object lock tile.
  11. Select Compliance or Governance retention mode as per your preferences (you may want to contant your Legal Department to define that).
  12. Enter a Retention period in Days and click Save.

    This retention period must match the retention period you configured in the Alfresco Global Properties file for property worm.retentionPeriod/s3.worm.retentionPeriod.

    To use this bucket as WORM storage you must now create rules for a category or folder in Governance Services using the WORM lock action. If you use the REST API you can use the action without a rule.