turbot/azure_thrifty

Control: Storage accounts should have lifecycle policies

Description

Storage accounts should have a lifecycle policy associated for data retention.

Usage

Run the control in your terminal:

powerpipe control run azure_thrifty.control.storage_account_without_lifecycle_policy

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_thrifty.control.storage_account_without_lifecycle_policy --share

Steampipe Tables

SQL

select
ac.id as resource,
case
when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' is null then 'alarm'
when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' @> '[{"enabled":true}]' then 'ok'
else 'alarm'
end as status,
case
when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' is null then ac.title || ' has no lifecycle policy.'
when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' @> '[{"enabled":true}]' then ac.title || ' has active lifecycle policy.'
else ac.title || ' has no active lifecycle policy.'
end as reason
, ac.resource_group
, display_name as subscription
from
azure_storage_account as ac
left join azure_subscription as sub on ac.subscription_id = sub.subscription_id;

Tags