For a variety of reasons, accounts must occasionally be closed and removed from DuraCloud. Most of this work can be done directly from the Management Console, but in the case where storage accounts are to be transitioned to the data owner, additional steps are required.
To close out an account in DuraCloud where content will be removed you will need to:
- Coordinate with the customer to ensure that they retrieve all of their content. (If the customer would prefer to take ownership of the storage accounts, see below.)
- Remove all content and spaces. This can be done using the DuraCloud UI by selecting all spaces and choosing
Delete
. Note that the spaces will delete from the UI initially, but a refresh of the Spaces tab will show they still exist. In the background the content is being deleted, and when all content is gone, the space will be deleted as well. This process can take some time, especially if there is significant content in the spaces. You will want to keep an eye on this process to ensure the deletes continue. If the deletes stop for a space, simply delete it again to get them going. - Once all content is removed, go the Management Console, find the account, and select to Deactivate it. Deactivating an account retains all account settings, but the account is no longer available through DuraCloud. You may choose to leave the account in the deactivated state for as long as needed, or reactivate it at any time.. Virtually no resources are consumed by accounts in the deactivated state.
- If you'd like to remove the account completely, go the Root Console, find the account, and select Delete. This will remove the account along with all of its settings and storage providers. This will not remove users associated with the account, but it will remove the association between those users and the account.
- If the account has a duplication policy (i.e. it is replicating content to secondary storage), remove the duplication policy for the account via the policy editor.
a. Open the Duplication Policy Editor
b. Enter your DuraCloud credentials and the subdomain of the DuraCloud account where the duplication policies are hosted, then select
Sign In
. You will see the list of all DuraCloud accounts for which duplication is configured c. Click on the trash icon to delete the duplication policy for the subdomain of the account you have closed - Remove the subdomain CNAME from the zone file of your domain registrar (e.g. GoDaddy).
If the customer would prefer to maintain content stored in the underlying storage providers (e.g. Amazon S3), follow this process to close the DuraCloud account and transition ownership of stored content:
- Coordinate with the customer to determine the point of contact (POC) for the transition. This person must have access to the customer's AWS Organization account and be authorized to take possession of AWS accounts.
- Coordinate with the customer to ensure that they have stopped all content transfers (and verify this is the case)
- If there are multiple stores to be transitioned, run a Mill Duplication process to ensure all file duplication is up-to-date
- (Optional) Export the manifest and audit logs for each existing space to an external file
- (Optional) Create a space for manifest and audit log files, store exported files in this new space
- Delete the DuraCloud account via the Management Console (see above for more details)
- In the AWS Console:
- Remove any existing root-level Access Keys (found under Security Credentials)
- Create an IAM user with admin rights for the customer POC, and have them log in
- In Payment methods, have the customer POC enter a card, then remove any existing (DuraSpace) cards
- In AWS Organizations, leave the master DuraSpace organization (and verify the disconnect from the DuraSpace org)
- In AWS Organizations, add the account to the customer organization (and have the customer POC verify the connection)
- Remove the DuraCloud IAM user
- Have the customer POC change the Account Contact Information
- Change root Account Name, email address, and password to values defined by the customer
- Log out of the account. Have the customer POC change the root password.
- If there are multiple stores to be transferred, complete these steps for each account.