Bicep & Storage Account Lifecycle Management

massimobonanni

Massimo Bonanni

Posted on October 26, 2022

Bicep & Storage Account Lifecycle Management

In this post, I would like to show how you can configure the Lifecycle Management rules in an Azure Storage Account using Bicep.
Before reading this post, I suggest you to read this article to understand what lifecycle management rules are and how you can use them to control costs in a storage account.

To set a lifecycle management rule, you can open the Storage Account blade in Azure Portal and select "Lifecycle management" blade, and then "Add Rule" command:

The lifecycle management blade

The wizard for a rule definition is composed by three steps. In the first step, you define the rule name, what kind of blobs you want to manage (block or append or both), and if the rule will be applied only to the base blob or also to the versions and/or the snapshots.

The rule details form

You can also set a filter that will be used to select only particular blobs in the storage account. With this property, you can, for example, limit the rule to a particular container or to a specific type of blob (e.g. JPG, GIF, and so on).

The next step allows you to configure how the rule will "move" the blobs between the different access tiers. Remember that the rule moves blobs from a more expensive tier to a less expensive tier. Furthermore, the "move" is a virtual move, the rule does not physically move the blob but simply changes its tier.

You can define when a blob will move to cool, to archive or will be deleted based on the creation datetime or the update datetime as shown in the following figure:

The rule definition step

In the previous sample, a blob will be moved from hot tier to cool tier if it is not changed for more than 10 days, then will be moved to the archive tier if it is not changed for more that 100 days, and, finally, will be deleted if it is not changed for more that 300 days.

You can define more than one rules, and, behind the scene, all the rules are described in a JSON. For example, the JSON for the previous rule is the following:



{
  "rules": [
    {
      "enabled": true,
      "name": "Rule Name",
      "type": "Lifecycle",
      "definition": {
        "actions": {
          "baseBlob": {
            "tierToCool": {
              "daysAfterModificationGreaterThan": 10
            },
            "tierToArchive": {
              "daysAfterLastTierChangeGreaterThan": 7,
              "daysAfterModificationGreaterThan": 100
            },
            "delete": {
              "daysAfterModificationGreaterThan": 300
            }
          }
        },
        "filters": {
          "blobTypes": [
            "blockBlob"
          ]
        }
      }
    }
  ]
}


Enter fullscreen mode Exit fullscreen mode

If you want to create a rule using a Bicep template, you must define a resource of type Microsoft.Storage/storageAccounts/managementPolicies with the storage account as parent.



resource analysisResultRule 'Microsoft.Storage/storageAccounts/managementPolicies@2021-09-01' = {
  name: 'default'
  parent: storageAccount
  properties: {
    policy: {
      rules: [
        {
          enabled: true
          name: 'Rule Name'
          type: 'Lifecycle'
          definition: {
            actions: {
              baseBlob: {
                tierToCool: {
                  daysAfterModificationGreaterThan: 10
                }
                tierToArchive: {
                  daysAfterLastTierChangeGreaterThan: 7
                  daysAfterModificationGreaterThan: 100
                },
                delete: {
                  daysAfterModificationGreaterThan: 300
                }
              }
            }
            filters: {
              blobTypes: [
                'blockBlob'
              ]
            }
          }
        }
      ]
    }
  }
}


Enter fullscreen mode Exit fullscreen mode

You just put the JSON you find in the portal inside the policy node of the BICEP.
The policy definition is a child of the storage account resource definition (the parent property contains the symbolic name of the storage resource). You can define it in different ways, you can read this article to find all the possible ways to declare.

💖 💪 🙅 🚩
massimobonanni
Massimo Bonanni

Posted on October 26, 2022

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related