Architecture

Data Retention Service

A generic, event-driven pattern to enforce retention policies: detect expired data, publish cleanup events, run idempotent workers, then update metadata and storage with a complete audit trail.

View Cost Model

Detection

  • Scheduler (hourly / daily / monthly)
  • Policy evaluation + eligibility checks
  • Catalog scan + partition selection

Queue / Event Bus

  • Event publishing
  • Routing + fanout
  • Backpressure, retries, DLQ

Workers

  • Partition cleanup
  • Data deletion (parallel + rate limited)
  • Idempotent execution

Storage + Metadata

  • Metadata catalog updates
  • Object storage deletion
  • Audit trail + reporting
Component details(+ principles)

Event Dispatcher

Evaluates retention rules, selects eligible partitions/files, and publishes cleanup events.

Examples: scheduled job, serverless function, microservice

Queue / Event Bus

Decouples detection from execution and enables scalable, reliable processing with retries.

Examples: Kafka, RabbitMQ, managed queue, event bus

Retention Workers

Consume events and perform cleanup in parallel across metadata and storage layers.

Examples: containers, serverless workers, batch jobs

Metadata Catalog

Stores schemas and partition state. Workers update catalog state during cleanup.

Examples: metastore, data catalog, governance catalog

Object Storage

Data files reside here. Workers delete files based on retention policy decisions.

Examples: object storage, HDFS-compatible storage

Audit + Controls

Captures what was deleted, when, and why—supporting compliance and investigations.

Examples: immutable logs, metrics, dashboards, ticketing

Key architectural principles

Event-driven and loosely coupled for scale
Idempotent operations for safe retries
Audit trail for governance and compliance
Parallel execution with guardrails (rate limits, throttling, backpressure)
Separation of detection vs execution
Cloud-agnostic design (portable)

Outcomes

Automated enforcement

Retention policies execute automatically with no manual cleanup or operational overhead.

Lower storage costs

Reduces total storage footprint and cloud spend by continuously removing expired data.

Compliance ready

Creates a full audit trail of what was deleted, when, and why for governance needs.

Horizontally scalable

Event-driven workers scale out to handle growth without re-architecting the system.

Reliable execution

Idempotent operations allow safe retries and fault tolerance during failures.

Built-in guardrails

Rate limits, batching, and backpressure protect storage systems and prevent runaway deletes or production impact.

Note: This page is intentionally generic (no vendor or internal system names). Swap in your platform equivalents as needed.