Attachment Object Store

ObjectStore AWS S3 Residency: us-east-1 Retention: indefinite Object Storage File Attachments

Overview

S3-based object storage for comment attachments, images, and files with CDN distribution and automated preview generation.

Storage Architecture

  • Raw Files: Original uploaded files
  • Thumbnails: Auto-generated image previews
  • Lifecycle Policies: Tiering to Glacier for old attachments
  • CDN: CloudFront for fast global delivery

Technical Details

Specifications:

  • Storage Class: S3 Standard → S3 IA → Glacier
  • Total Size: 500 GB (growing 10 GB/month)
  • Encryption: SSE-S3 encryption enabled
  • Versioning: Enabled for file history
  • Replication: Cross-region to us-west-2

Lifecycle Policy:

  • 0-90 days: S3 Standard (frequent access)
  • 90 days - 1 year: S3 Intelligent-Tiering
  • 1+ years: Glacier (archival)

File Organization

s3://taskflow-attachments/
├── {workspace_id}/
│   ├── comments/
│   │   ├── {comment_id}/
│   │   │   ├── original/
│   │   │   │   ├── {file_id}.{ext}
│   │   │   ├── thumbnails/
│   │   │   │   ├── {file_id}_thumb.jpg

Access Patterns

  • Comment Service: Upload attachments, generate signed URLs
  • CDN: Serve files globally with low latency
  • Users: Download attachments via pre-signed URLs (15 min expiry)

File Processing

  1.

    Upload

    User uploads file via Comment Service

  2.

    Virus Scan

    ClamAV scans for malware

  3.

    Storage

    Store in S3 with metadata

  4.

    Preview Generation

    Lambda generates thumbnails for images

  5.

    CDN Distribution

    CloudFront caches for fast delivery

Security

  • Pre-signed URLs: Temporary access (15 minutes)
  • Virus Scanning: All uploads scanned
  • Encryption: At rest and in transit
  • Access Control: IAM policies and bucket policies

Monitoring

  • Storage Growth: Track monthly growth
  • Request Count: Monitor access patterns
  • Error Rate: Alert on 4xx/5xx errors
  • Virus Detections: Alert on malware found
Edit this page