Use S3 lifecycle policy to create a recycle bin

I am thinking of creating a recycle bin mechanism for a versioned S3 bucket to prevent accidental deletion and modification by authorized users. The idea is: 1) keep the most recent 5 non-current revisions for 1 day; 2) any non-current version older than 2 days will be deleted.

The policies look like:

{
    "Rules": [
        {
            "ID": "Recyclebin_Part1",
            "Filter": {},
            "Status": "Enabled",
            "NoncurrentVersionExpiration": {
                "NoncurrentDays": 1,
                "NewerNoncurrentVersions": 5
            }
        },
        {
            "ID": "RecycleBin_Part2",
            "Filter": {},
            "Status": "Enabled",
            "NoncurrentVersionExpiration": {
                "NoncurrentDays": 2
            }
        }
    ]
}

However, it looks like the second rule, RecycleBin_Part2, was never applied. Checking the object versions, there are always 5 non-current versions, even after a couple of days.

I could be wrong, but does the first policy always win if both policies target the same scope (the whole bucket) and perform the same operation (expire objects) on the objects?

Is there a better way to implement this idea? A script to scan and purge non-current objects might not be a scalable option for buckets with millions of objects.

Thanks!

JM
asked 2 years ago, 150 views
No Answers
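
As an added example (not part of the question and not AWS code), the Python below evaluates each of the two rules from the policy on its own against a constructed version history of one key, so the result can be compared with what a real version listing of the bucket shows. It does not model how S3 resolves overlapping rules; the function names, sample versions and dates are assumptions.

```python
from datetime import datetime, timedelta, timezone

def selected_for_expiration(entries, now, noncurrent_days, newer_noncurrent_versions=0):
    """VersionIds that one NoncurrentVersionExpiration rule, taken alone, selects.

    entries: all versions of ONE key, as dicts with "VersionId" and "LastModified"
    (fields returned by ListObjectVersions). Simplification (assumption): ages are
    compared exactly, with no rounding of the expiration time.
    """
    ordered = sorted(entries, key=lambda e: e["LastModified"], reverse=True)
    selected = []
    for i in range(1, len(ordered)):  # ordered[0] is the current version
        became_noncurrent = ordered[i - 1]["LastModified"]  # successor's write time
        newer_noncurrent = i - 1  # noncurrent versions newer than this one
        old_enough = now - became_noncurrent >= timedelta(days=noncurrent_days)
        if old_enough and newer_noncurrent >= newer_noncurrent_versions:
            selected.append(ordered[i]["VersionId"])
    return selected

def only_selected_by_second(entries, now, rule_a, rule_b):
    """Versions that rule_b selects but rule_a, taken alone, would retain."""
    a = set(selected_for_expiration(entries, now, **rule_a))
    return [v for v in selected_for_expiration(entries, now, **rule_b) if v not in a]

# Constructed sample: eight versions of one key, written one day apart,
# the newest (current) one written three days before NOW.
NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)
SAMPLE = [{"VersionId": f"v{n}", "LastModified": NOW - timedelta(days=11 - n)}
          for n in range(1, 9)]
PART1 = {"noncurrent_days": 1, "newer_noncurrent_versions": 5}  # Recyclebin_Part1
PART2 = {"noncurrent_days": 2}                                  # RecycleBin_Part2

if __name__ == "__main__":
    print("Part1 alone selects:", selected_for_expiration(SAMPLE, NOW, **PART1))
    print("Part2 alone selects:", selected_for_expiration(SAMPLE, NOW, **PART2))
    print("Selected only by Part2:", only_selected_by_second(SAMPLE, NOW, PART1, PART2))
```

On the constructed sample, the versions selected only by Part2 are the five newest noncurrent versions, which is the set Part1 retains.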
