0
# Policy Management
1
2
Lifecycle management policies, object replication policies, and blob inventory policies for automated data management. These policies enable automated data lifecycle management, cross-region replication, and comprehensive data inventory reporting.
3
4
## Capabilities
5
6
### Lifecycle Management Policies
7
8
Configure automated lifecycle management rules to transition blobs between access tiers and delete expired data.
9
10
```python { .api }
11
class ManagementPoliciesOperations:
12
def create_or_update(
13
self,
14
resource_group_name: str,
15
account_name: str,
16
management_policy_name: ManagementPolicyName,
17
properties: ManagementPolicy
18
) -> ManagementPolicy:
19
"""
20
Sets the managementpolicy to the specified storage account.
21
22
Parameters:
23
- resource_group_name: Name of the resource group
24
- account_name: Name of the storage account
25
- management_policy_name: Name of the management policy (always "default")
26
- properties: Management policy configuration and rules
27
28
Returns:
29
Created or updated ManagementPolicy
30
"""
31
32
def get(
33
self,
34
resource_group_name: str,
35
account_name: str,
36
management_policy_name: ManagementPolicyName
37
) -> ManagementPolicy:
38
"""
39
Gets the managementpolicy associated with the specified storage account.
40
41
Parameters:
42
- resource_group_name: Name of the resource group
43
- account_name: Name of the storage account
44
- management_policy_name: Name of the management policy
45
46
Returns:
47
Current ManagementPolicy configuration
48
"""
49
50
def delete(
51
self,
52
resource_group_name: str,
53
account_name: str,
54
management_policy_name: ManagementPolicyName
55
) -> None:
56
"""
57
Deletes the managementpolicy associated with the specified storage account.
58
59
Parameters:
60
- resource_group_name: Name of the resource group
61
- account_name: Name of the storage account
62
- management_policy_name: Name of the management policy to delete
63
"""
64
```
65
66
Usage example:
67
68
```python
69
from azure.mgmt.storage.models import (
70
ManagementPolicy, ManagementPolicySchema, ManagementPolicyRule,
71
ManagementPolicyDefinition, ManagementPolicyAction, ManagementPolicyFilter,
72
ManagementPolicyBaseBlob, ManagementPolicySnapShot, ManagementPolicyVersion,
73
DateAfterModification, DateAfterCreation, ManagementPolicyName
74
)
75
76
# Create lifecycle management policy with multiple rules
77
# Rule 1: Transition hot blobs to cool after 30 days, archive after 90 days
78
hot_to_cool_action = ManagementPolicyBaseBlob(
79
tier_to_cool=DateAfterModification(days_after_modification_greater_than=30),
80
tier_to_archive=DateAfterModification(days_after_modification_greater_than=90),
81
delete=DateAfterModification(days_after_modification_greater_than=2555) # 7 years
82
)
83
84
# Rule 2: Delete old snapshots after 30 days
85
snapshot_action = ManagementPolicySnapShot(
86
delete=DateAfterCreation(days_after_creation_greater_than=30)
87
)
88
89
# Rule 3: Delete old versions after 365 days
90
version_action = ManagementPolicyVersion(
91
delete=DateAfterCreation(days_after_creation_greater_than=365)
92
)
93
94
# Combine actions
95
lifecycle_action = ManagementPolicyAction(
96
base_blob=hot_to_cool_action,
97
snapshot=snapshot_action,
98
version=version_action
99
)
100
101
# Create filter for specific blob types and prefixes
102
blob_filter = ManagementPolicyFilter(
103
prefix_match=["logs/", "temp/", "backup/"],
104
blob_types=["blockBlob"],
105
blob_index_match=[
106
TagFilter(name="Department", op="==", value="Finance"),
107
TagFilter(name="DataType", op="==", value="Archive")
108
]
109
)
110
111
# Define the rule
112
lifecycle_rule = ManagementPolicyRule(
113
enabled=True,
114
name="DataLifecycleRule",
115
type_="Lifecycle",
116
definition=ManagementPolicyDefinition(
117
actions=lifecycle_action,
118
filters=blob_filter
119
)
120
)
121
122
# Create the management policy
123
management_policy = ManagementPolicy(
124
properties=ManagementPolicyProperties(
125
policy=ManagementPolicySchema(
126
rules=[lifecycle_rule]
127
)
128
)
129
)
130
131
created_policy = client.management_policies.create_or_update(
132
resource_group_name="my-resource-group",
133
account_name="mystorageaccount123",
134
management_policy_name=ManagementPolicyName.DEFAULT,
135
properties=management_policy
136
)
137
138
print(f"Created lifecycle policy with {len(created_policy.properties.policy.rules)} rules")
139
140
# Create a more complex policy with multiple rules
141
rules = []
142
143
# Rule for log files - delete after 90 days
144
log_rule = ManagementPolicyRule(
145
enabled=True,
146
name="LogRetentionRule",
147
type_="Lifecycle",
148
definition=ManagementPolicyDefinition(
149
actions=ManagementPolicyAction(
150
base_blob=ManagementPolicyBaseBlob(
151
delete=DateAfterModification(days_after_modification_greater_than=90)
152
)
153
),
154
filters=ManagementPolicyFilter(
155
prefix_match=["logs/", "diagnostics/"],
156
blob_types=["blockBlob", "appendBlob"]
157
)
158
)
159
)
160
161
# Rule for backup files - move to archive after 30 days, delete after 7 years
162
backup_rule = ManagementPolicyRule(
163
enabled=True,
164
name="BackupArchivalRule",
165
type_="Lifecycle",
166
definition=ManagementPolicyDefinition(
167
actions=ManagementPolicyAction(
168
base_blob=ManagementPolicyBaseBlob(
169
tier_to_archive=DateAfterModification(days_after_modification_greater_than=30),
170
delete=DateAfterModification(days_after_modification_greater_than=2555)
171
)
172
),
173
filters=ManagementPolicyFilter(
174
prefix_match=["backups/"],
175
blob_types=["blockBlob"]
176
)
177
)
178
)
179
180
# Rule for temporary files - delete after 7 days
181
temp_rule = ManagementPolicyRule(
182
enabled=True,
183
name="TempFileCleanup",
184
type_="Lifecycle",
185
definition=ManagementPolicyDefinition(
186
actions=ManagementPolicyAction(
187
base_blob=ManagementPolicyBaseBlob(
188
delete=DateAfterModification(days_after_modification_greater_than=7)
189
)
190
),
191
filters=ManagementPolicyFilter(
192
prefix_match=["temp/", "tmp/", "staging/"],
193
blob_types=["blockBlob"]
194
)
195
)
196
)
197
198
rules.extend([log_rule, backup_rule, temp_rule])
199
200
# Create comprehensive policy
201
comprehensive_policy = ManagementPolicy(
202
properties=ManagementPolicyProperties(
203
policy=ManagementPolicySchema(rules=rules)
204
)
205
)
206
207
client.management_policies.create_or_update(
208
resource_group_name="my-resource-group",
209
account_name="mystorageaccount123",
210
management_policy_name=ManagementPolicyName.DEFAULT,
211
properties=comprehensive_policy
212
)
213
```
214
215
### Object Replication Policies
216
217
Configure cross-region object replication for disaster recovery and data distribution.
218
219
```python { .api }
220
class ObjectReplicationPoliciesOperations:
221
def create_or_update(
222
self,
223
resource_group_name: str,
224
account_name: str,
225
object_replication_policy_id: str,
226
properties: ObjectReplicationPolicy
227
) -> ObjectReplicationPolicy:
228
"""
229
Creates or updates the object replication policy of the storage account.
230
231
Parameters:
232
- resource_group_name: Name of the resource group
233
- account_name: Name of the storage account
234
- object_replication_policy_id: ID of the object replication policy
235
- properties: Object replication policy configuration
236
237
Returns:
238
Created or updated ObjectReplicationPolicy
239
"""
240
241
def get(
242
self,
243
resource_group_name: str,
244
account_name: str,
245
object_replication_policy_id: str
246
) -> ObjectReplicationPolicy:
247
"""
248
Gets the object replication policy of the storage account.
249
250
Parameters:
251
- resource_group_name: Name of the resource group
252
- account_name: Name of the storage account
253
- object_replication_policy_id: ID of the object replication policy
254
255
Returns:
256
ObjectReplicationPolicy configuration
257
"""
258
259
def delete(
260
self,
261
resource_group_name: str,
262
account_name: str,
263
object_replication_policy_id: str
264
) -> None:
265
"""
266
Deletes the object replication policy of the storage account.
267
268
Parameters:
269
- resource_group_name: Name of the resource group
270
- account_name: Name of the storage account
271
- object_replication_policy_id: ID of the object replication policy
272
"""
273
274
def list(
275
self,
276
resource_group_name: str,
277
account_name: str
278
) -> ItemPaged[ObjectReplicationPolicy]:
279
"""
280
List the object replication policies associated with the storage account.
281
282
Parameters:
283
- resource_group_name: Name of the resource group
284
- account_name: Name of the storage account
285
286
Returns:
287
Paginated list of ObjectReplicationPolicy objects
288
"""
289
```
290
291
Usage example:
292
293
```python
294
from azure.mgmt.storage.models import (
295
ObjectReplicationPolicy, ObjectReplicationPolicyRule,
296
ObjectReplicationPolicyFilter
297
)
298
299
# Create object replication policy for disaster recovery
300
# Source: East US storage account
301
# Destination: West US storage account
302
303
replication_filter = ObjectReplicationPolicyFilter(
304
prefix_match=["critical-data/", "customer-data/"],
305
min_creation_time="2024-01-01T00:00:00Z"
306
)
307
308
replication_rule = ObjectReplicationPolicyRule(
309
rule_id="rule1",
310
source_container="production-data",
311
destination_container="replicated-data",
312
filters=replication_filter
313
)
314
315
replication_policy = ObjectReplicationPolicy(
316
properties=ObjectReplicationPolicyProperties(
317
source_account="/subscriptions/sub-id/resourceGroups/my-rg/providers/Microsoft.Storage/storageAccounts/sourcestorage",
318
destination_account="/subscriptions/sub-id/resourceGroups/my-rg-west/providers/Microsoft.Storage/storageAccounts/deststorage",
319
rules=[replication_rule]
320
)
321
)
322
323
created_replication = client.object_replication_policies.create_or_update(
324
resource_group_name="my-resource-group",
325
account_name="sourcestorage",
326
object_replication_policy_id="policy1",
327
properties=replication_policy
328
)
329
330
print(f"Created replication policy: {created_replication.name}")
331
332
# Create multi-container replication policy
333
multi_rules = [
334
ObjectReplicationPolicyRule(
335
rule_id="documents-rule",
336
source_container="documents",
337
destination_container="documents-replica",
338
filters=ObjectReplicationPolicyFilter(
339
prefix_match=["important/", "contracts/"]
340
)
341
),
342
ObjectReplicationPolicyRule(
343
rule_id="images-rule",
344
source_container="images",
345
destination_container="images-replica",
346
filters=ObjectReplicationPolicyFilter(
347
prefix_match=["profile-pics/", "product-images/"]
348
)
349
),
350
ObjectReplicationPolicyRule(
351
rule_id="backups-rule",
352
source_container="backups",
353
destination_container="backups-replica"
354
# No filter - replicate all backup data
355
)
356
]
357
358
multi_replication_policy = ObjectReplicationPolicy(
359
properties=ObjectReplicationPolicyProperties(
360
source_account="/subscriptions/sub-id/resourceGroups/my-rg/providers/Microsoft.Storage/storageAccounts/sourcestorage",
361
destination_account="/subscriptions/sub-id/resourceGroups/my-rg-west/providers/Microsoft.Storage/storageAccounts/deststorage",
362
rules=multi_rules
363
)
364
)
365
366
client.object_replication_policies.create_or_update(
367
resource_group_name="my-resource-group",
368
account_name="sourcestorage",
369
object_replication_policy_id="multi-container-policy",
370
properties=multi_replication_policy
371
)
372
373
# List all replication policies
374
replication_policies = list(client.object_replication_policies.list(
375
resource_group_name="my-resource-group",
376
account_name="sourcestorage"
377
))
378
379
print(f"Total replication policies: {len(replication_policies)}")
380
for policy in replication_policies:
381
print(f"Policy: {policy.name}")
382
print(f" Rules: {len(policy.properties.rules)}")
383
print(f" Destination: {policy.properties.destination_account}")
384
```
385
386
## Types
387
388
```python { .api }
389
class ManagementPolicy:
390
"""Lifecycle management policy resource."""
391
id: str
392
name: str
393
type_: str
394
properties: ManagementPolicyProperties
395
396
class ManagementPolicyProperties:
397
"""Properties of management policy."""
398
policy: ManagementPolicySchema
399
last_modified_time: datetime
400
401
class ManagementPolicySchema:
402
"""Schema for management policy."""
403
rules: List[ManagementPolicyRule]
404
405
class ManagementPolicyRule:
406
"""Individual rule in management policy."""
407
enabled: bool
408
name: str
409
type_: str
410
definition: ManagementPolicyDefinition
411
412
class ManagementPolicyDefinition:
413
"""Definition of management policy rule."""
414
actions: ManagementPolicyAction
415
filters: ManagementPolicyFilter
416
417
class ManagementPolicyAction:
418
"""Actions to perform on matching blobs."""
419
base_blob: ManagementPolicyBaseBlob
420
snapshot: ManagementPolicySnapShot
421
version: ManagementPolicyVersion
422
423
class ManagementPolicyBaseBlob:
424
"""Actions for base blobs."""
425
tier_to_cool: DateAfterModification
426
tier_to_archive: DateAfterModification
427
tier_to_cold: DateAfterModification
428
delete: DateAfterModification
429
enable_auto_tier_to_hot_from_cool: bool
430
431
class ManagementPolicySnapShot:
432
"""Actions for blob snapshots."""
433
tier_to_cool: DateAfterCreation
434
tier_to_archive: DateAfterCreation
435
tier_to_cold: DateAfterCreation
436
delete: DateAfterCreation
437
438
class ManagementPolicyVersion:
439
"""Actions for blob versions."""
440
tier_to_cool: DateAfterCreation
441
tier_to_archive: DateAfterCreation
442
tier_to_cold: DateAfterCreation
443
delete: DateAfterCreation
444
445
class ManagementPolicyFilter:
446
"""Filter criteria for management policy rules."""
447
prefix_match: List[str]
448
blob_types: List[str]
449
blob_index_match: List[TagFilter]
450
451
class DateAfterModification:
452
"""Date condition based on modification time."""
453
days_after_modification_greater_than: float
454
days_after_last_access_time_greater_than: float
455
456
class DateAfterCreation:
457
"""Date condition based on creation time."""
458
days_after_creation_greater_than: float
459
days_after_last_tier_change_greater_than: float
460
461
class ObjectReplicationPolicy:
462
"""Object replication policy resource."""
463
id: str
464
name: str
465
type_: str
466
properties: ObjectReplicationPolicyProperties
467
468
class ObjectReplicationPolicyProperties:
469
"""Properties of object replication policy."""
470
policy_id: str
471
enabled_time: datetime
472
source_account: str
473
destination_account: str
474
rules: List[ObjectReplicationPolicyRule]
475
476
class ObjectReplicationPolicyRule:
477
"""Rule for object replication."""
478
rule_id: str
479
source_container: str
480
destination_container: str
481
filters: ObjectReplicationPolicyFilter
482
483
class ObjectReplicationPolicyFilter:
484
"""Filter for object replication."""
485
prefix_match: List[str]
486
min_creation_time: str
487
488
class TagFilter:
489
"""Tag-based filter condition."""
490
name: str
491
op: str
492
value: str
493
494
class ManagementPolicyName(str, Enum):
495
"""Management policy names."""
496
DEFAULT = "default"
497
```