Configuring a storage account and creating a storage container in Azure for use as WORM storage - Alfresco Governance Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Governance Services

Platform
Alfresco
Product
Alfresco Governance Services
Release
23.4
License

These steps describe how to use the Azure Portal to create a storage container for use as WORM storage (Azure Blob Level Immutability) in Azure. Once you have created the container you can create rules for a category or folder to store your data using WORM storage.

For more on creating rules see Creating a rule.

Note: Ensure you have the required Azure login credentials before you begin.
  • Installed Alfresco Content Services 23.2 (or above). Installed Alfresco Content Connector for Azure 5.0.0 (or above) with multiple container support enabled.
  • Set the following properties in the <TOMCAT_HOME>/shared/classes/alfresco-global.properties file:

    Property Description
    worm.contentstore This property is the key of the content store that has a WORM container.
    worm.retentionPeriod This property controls the default retention period. It is specified in days and the default value is 2192 which is six years.
    connector.az.store2.retentionPeriodProperty This property passes the AGS property which stores the unlock date of an object to Content Connector for Azure. You must enter this value: {http://www.alfresco.org/model/recordsmanagemententerprise/1.0}wormUnlockDate.
    rm.wormUnlockRecords.cronExpression This cron expression is used to specify how often the unlock job should run in Governance Services. The default is 15 minutes.
    connector.az.store2.blobImmutabilityPolicy This property controls immutability policy type at single blob level. Possible values: Unlocked(default)/Locked
  1. Log in to your Azure Portal.

    You can only enable Blob immutability policy on the creation level, so you must create a new Storage Account to enable WORM feature.

  2. Click Create resource and type storage account in the search field.
  3. Once the Storage account tile is displayed, expand the Create dropdown at the bottom of the tile and choose Storage account.
  4. On the first screen choose the desired subscription, resource group, enter a name for the storage, select the required Region, and then click Next. You can keep all other options default.
  5. Under the next two tabs, you can leave all options default or change them at your convenience.
  6. Under the Data protection tab you must select the Enable versioning for blobs and Enable version-level immutability support checkboxes.

    It is recommended to set Keep all versions under Enable versioning for blobs.

  7. You can leave the next two tabs with default values or modify them at your convenience and go to Review tab where you should click Create button.
  8. Under your storage account with versioning and version-level immutability support you need to create a storage container which is WORM capable.
  9. Under your newly created Storage Account go to the Containers tab and click +Container (create container).

    Type in the container name. Under Advanced section select Enable version-level immutability support and click Create

  10. You may want to set default retention based immutability policy for your container.

    To do so, go to the Containers tab, click the ellipsis (3 dots) for your container and choose Access policy.

  11. Under the Immutable blob storage section choose add policy.
    1. Choose Time-based retention policy type and type in the desired number of days in Set retention period for field and click Save.

      This retention period must match the retention period you configured in the Alfresco Global Properties file for the worm.retentionPeriod property.

    2. To use this bucket as WORM storage you must now create rules for a category or folder in Governance Services using the WORM lock action. If you use the REST API you can use the action without a rule.