5. Documents lifecycle policy
Date: 2021-01-06
Status
Accepted
Context
We store documents in Amazon S3, which keeps a version history for each document. The latest version is always the one which is retrieved by the application, but older versions can be reinstated through the AWS interface.
We generally don’t use this versioning functionality, but it is used when a document is deleted. Rather than deleting the document outright, S3 adds a new “delete marker” version. This means that the original document can no longer be retrieved by the application but it could be reinstated.
To fulfil our data retention obligations, we need to permanently delete these documents from Amazon S3 including the delete markers and original versions.
Decision
Once a document has been given a delete marker, we will use Amazon S3’s lifecycle policies to automatically remove it after 1 day. This includes the delete marker and all previous versions.
Consequences
This process will make it completely impossible to recover documents 1 day after they’re deleted.