Ensure that a lifecycle management policy is configured for your Microsoft Azure Blob Storage data in order to meet compliance requirements for security and cost optimization. Azure Storage lifecycle management offers a rich, rule-based policy for general-purpose and blob storage accounts. Use the lifecycle management policy to transition your Azure cloud data to the appropriate access tiers or expire it at the end of the data's lifecycle.
This rule resolution is part of the Conformity Security & Compliance tool for Azure.
The Microsoft Azure Blob Storage service transitions and expires blob data automatically according to the lifecycle management policy that you define at the storage account level. The lifecycle management policy lets you automatically delete blob data at the end of its lifecycle and transition blob data to a cold storage tier (hot to cold, hot to archive or cold to archive) in order to optimize it for security and cost.
Audit
To determine if your Azure Storage accounts have a lifecycle management policy configured, perform the following actions:
Remediation / Resolution
To enable data lifecycle management for your blob storage accounts, define a policy to transition your data to the appropriate access tiers or expire it at the end of the data's lifecycle. To create the required lifecycle management policy, perform the following actions:
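As an added example (not part of the original page or of the Conformity tool), the Python sketch below shows a lifecycle policy document with tiering and expiry actions and an offline audit that flags accounts whose policy is missing, disabled or has no such action. It assumes each account's policy was saved as JSON from `az storage account management-policy show` and that this output nests the rules under a `policy` key; the account names and day counts are constructed.

```python
# Added example: audit lifecycle policies offline from saved JSON.
LIFECYCLE_ACTIONS = {"tierToCool", "tierToArchive", "delete"}

# Constructed policy in the management-policy schema: cool after 30 days,
# archive after 90, delete after 365 (day counts are illustrative only).
SAMPLE_POLICY = {
    "rules": [{
        "enabled": True,
        "name": "tier-then-expire",
        "type": "Lifecycle",
        "definition": {
            "filters": {"blobTypes": ["blockBlob"]},
            "actions": {"baseBlob": {
                "tierToCool": {"daysAfterModificationGreaterThan": 30},
                "tierToArchive": {"daysAfterModificationGreaterThan": 90},
                "delete": {"daysAfterModificationGreaterThan": 365},
            }},
        },
    }]
}


def effective_actions(policy_doc):
    """Return the tiering/expiry actions that enabled rules apply to base blobs.

    Accepts the policy file form ({"rules": [...]}) or the `show` output,
    assumed here to carry the same rules under a "policy" key.
    """
    if not policy_doc:
        return []                      # no policy configured at all
    rules = (policy_doc.get("policy") or policy_doc).get("rules") or []
    found = set()
    for rule in rules:
        if not rule.get("enabled", True):   # a disabled rule does nothing
            continue
        actions = (rule.get("definition") or {}).get("actions") or {}
        found |= LIFECYCLE_ACTIONS & set(actions.get("baseBlob") or {})
    return sorted(found)


def audit(accounts):
    """Map account name -> 'PASS'/'FAIL' for {name: policy JSON or None}."""
    return {name: "PASS" if effective_actions(doc) else "FAIL"
            for name, doc in accounts.items()}


# Constructed inventory (hypothetical account names).
SAMPLE_ACCOUNTS = {
    "stlogsprod": {"policy": SAMPLE_POLICY},      # policy present and enabled
    "stscratch": None,                            # no policy returned
    "stlegacy": {"rules": [dict(SAMPLE_POLICY["rules"][0], enabled=False)]},
}
```

An account that fails the audit can be given a policy by saving a document like `SAMPLE_POLICY` to a file and passing it to `az storage account management-policy create` with `--policy`.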