Control: Storage accounts should have lifecycle policies
Description
Storage accounts should have a lifecycle policy associated for data retention.
Usage
Run the control in your terminal:
powerpipe control run azure_thrifty.control.storage_account_without_lifecycle_policy
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_thrifty.control.storage_account_without_lifecycle_policy --share
Steampipe Tables
SQL
select ac.id as resource, case when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' is null then 'alarm' when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' @> '[{"enabled":true}]' then 'ok' else 'alarm' end as status, case when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' is null then ac.title || ' has no lifecycle policy.' when lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' @> '[{"enabled":true}]' then ac.title || ' has active lifecycle policy.' else ac.title || ' has no active lifecycle policy.' end as reason , ac.resource_group , display_name as subscriptionfrom azure_storage_account as ac left join azure_subscription as sub on ac.subscription_id = sub.subscription_id;