AWS::FSx::Volume SnaplockConfiguration - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::FSx::Volume SnaplockConfiguration

Specifies the SnapLock configuration for an FSx for ONTAP SnapLock volume.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

Properties

AuditLogVolume

Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. The default value is false. If you set AuditLogVolume to true, the SnapLock volume is created as an audit log volume. The minimum retention period for an audit log volume is six months.

For more information, see SnapLock audit log volumes.

Required: No

Type: String

Update requires: No interruption

AutocommitPeriod

The configuration object for setting the autocommit period of files in an FSx for ONTAP SnapLock volume.

Required: No

Type: AutocommitPeriod

Update requires: No interruption

PrivilegedDelete

Enables, disables, or permanently disables privileged delete on an FSx for ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock administrators to delete write once, read many (WORM) files even if they have active retention periods. PERMANENTLY_DISABLED is a terminal state. If privileged delete is permanently disabled on a SnapLock volume, you can't re-enable it. The default value is DISABLED.

For more information, see Privileged delete.

Required: No

Type: String

Allowed values: DISABLED | ENABLED | PERMANENTLY_DISABLED

Update requires: No interruption

RetentionPeriod

Specifies the retention period of an FSx for ONTAP SnapLock volume.

Required: No

Type: SnaplockRetentionPeriod

Update requires: No interruption

SnaplockType

Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it is set, it can't be changed. You can choose one of the following retention modes:

  • COMPLIANCE: Files transitioned to write once, read many (WORM) on a Compliance volume can't be deleted until their retention periods expire. This retention mode is used to address government or industry-specific mandates or to protect against ransomware attacks. For more information, see SnapLock Compliance.

  • ENTERPRISE: Files transitioned to WORM on an Enterprise volume can be deleted by authorized users before their retention periods expire using privileged delete. This retention mode is used to advance an organization's data integrity and internal compliance or to test retention settings before using SnapLock Compliance. For more information, see SnapLock Enterprise.

Required: Yes

Type: String

Allowed values: COMPLIANCE | ENTERPRISE

Update requires: Replacement

VolumeAppendModeEnabled

Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. Volume-append mode allows you to create WORM-appendable files and write data to them incrementally. The default value is false.

For more information, see Volume-append mode.

Required: No

Type: String

Update requires: No interruption