Many security compliance policies, such as corporate or government data retention policies, may specify that data is to be retained without modification for a specified period of time. For example, compliance storage may provide data retention with write once read many (WORM) access for retained data. In an example, a compliance policy may specify that if a file has not been modified for a threshold amount of time, such as 2 months, then the file is to be locked down into a WORM state as compliance data for a locked down retention period, such as 2 years.
Compliance data may be created within storage volumes hosted by storage nodes having disaster recovery relationships. For example, a first storage node (e.g., of a first storage cluster) may host a first storage volume having a disaster recovery relationship with a second storage volume hosted by a second storage node (e.g., of a second storage cluster). Data within the first storage volume may be replicated to the second storage volume based upon the disaster recovery relationship. In this way, if the first storage node fails, then the second storage node may provide clients with failover access to replicated data within the second storage volume. Switching over from the first storage node to the second storage node may break the disaster recovery relationship. During the switchover from the first storage node to the second storage node, data within the second storage volume may be committed to the WORM state as compliance data. Thus, the compliance data is stored within the second storage volume but not the first storage volume.
A resynchronization operation may be performed to reestablish the disaster recovery relationship between the first storage volume and the second storage volume. The resynchronization operation may utilize a common snapshot, corresponding to a point in time representation of data where the first storage volume and the second storage volume were in a data consistent state, to roll the second storage volume back to the data consistent state. New data from the first storage volume may be transferred over to the second storage volume, resulting in the second storage volume being a mirror of a current state of the first storage volume. Unfortunately, if the second storage volume comprises compliance data not comprised within the first storage volume, then the compliance data would be deleted by the resynchronization, thus violating the compliance policy. Accordingly, the resynchronization operation may be blocked for destination volumes comprising compliance data so that compliance policies are not violated.