azurermStorageManagementPolicy

Manages an Azure Storage Account Management Policy.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "resourceGroupName",
  }
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
  this,
  "example_1",
  {
    account_kind: "BlobStorage",
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "storageaccountname",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermStorageManagementPolicyExample =
  new azurerm.storageManagementPolicy.StorageManagementPolicy(
    this,
    "example_2",
    {
      rule: [
        {
          actions: [
            {
              base_blob: [
                {
                  delete_after_days_since_modification_greater_than: 100,
                  tier_to_archive_after_days_since_modification_greater_than: 50,
                  tier_to_cool_after_days_since_modification_greater_than: 10,
                },
              ],
              snapshot: [
                {
                  delete_after_days_since_creation_greater_than: 30,
                },
              ],
            },
          ],
          enabled: true,
          filters: [
            {
              blob_types: ["blockBlob"],
              match_blob_index_tag: [
                {
                  name: "tag1",
                  operation: "==",
                  value: "val1",
                },
              ],
              prefix_match: ["container1/prefix1"],
            },
          ],
          name: "rule1",
        },
        {
          actions: [
            {
              base_blob: [
                {
                  delete_after_days_since_modification_greater_than: 101,
                  tier_to_archive_after_days_since_modification_greater_than: 51,
                  tier_to_cool_after_days_since_modification_greater_than: 11,
                },
              ],
              snapshot: [
                {
                  change_tier_to_archive_after_days_since_creation: 90,
                  change_tier_to_cool_after_days_since_creation: 23,
                  delete_after_days_since_creation_greater_than: 31,
                },
              ],
              version: [
                {
                  change_tier_to_archive_after_days_since_creation: 9,
                  change_tier_to_cool_after_days_since_creation: 90,
                  delete_after_days_since_creation: 3,
                },
              ],
            },
          ],
          enabled: false,
          filters: [
            {
              blob_types: ["blockBlob"],
              prefix_match: ["container2/prefix1", "container2/prefix2"],
            },
          ],
          name: "rule2",
        },
      ],
      storage_account_id: azurermStorageAccountExample.id,
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageManagementPolicyExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • storageAccountId - (Required) Specifies the id of the storage account to apply the management policy to. Changing this forces a new resource to be created.

  • rule - (Optional) A rule block as documented below.


The rule block supports the following:

  • name - (Required) The name of the rule. Rule name is case-sensitive. It must be unique within a policy.
  • enabled - (Required) Boolean to specify whether the rule is enabled.
  • filters - (Required) A filters block as documented below.
  • actions - (Required) An actions block as documented below.

The filters block supports the following:

  • blobTypes - (Required) An array of predefined values. Valid options are blockBlob and appendBlob.
  • prefixMatch - (Optional) An array of strings for prefixes to be matched.
  • matchBlobIndexTag - (Optional) A matchBlobIndexTag block as defined below. The block defines the blob index tag based filtering for blob objects.

NOTE: The matchBlobIndexTag property requires enabling the blobIndex feature with PSH or CLI commands.


The actions block supports the following:

  • baseBlob - (Optional) A baseBlob block as documented below.
  • snapshot - (Optional) A snapshot block as documented below.
  • version - (Optional) A version block as documented below.

The baseBlob block supports the following:

  • tierToCoolAfterDaysSinceModificationGreaterThan - (Optional) The age in days after last modification to tier blobs to cool storage. Supports blob currently at Hot tier. Must be between 0 and 99999. Defaults to 1.
  • tierToCoolAfterDaysSinceLastAccessTimeGreaterThan - (Optional) The age in days after last access time to tier blobs to cool storage. Supports blob currently at Hot tier. Must be between 0 and 99999. Defaults to 1.
  • tierToCoolAfterDaysSinceCreationGreaterThan - (Optional) The age in days after creation to tier blobs to cool storage. Supports blob currently at Hot tier. Must be between 0 and 99999. Defaults to 1.

Note: The tierToCoolAfterDaysSinceModificationGreaterThan, tierToCoolAfterDaysSinceLastAccessTimeGreaterThan and tierToCoolAfterDaysSinceCreationGreaterThan cannot be set at the same time.

  • autoTierToHotFromCoolEnabled - (Optional) Whether a blob should automatically be tiered from cool back to hot if it's accessed again after being tiered to cool. Defaults to false.

Note: The autoTierToHotFromCoolEnabled must be used together with tierToCoolAfterDaysSinceLastAccessTimeGreaterThan.

  • tierToArchiveAfterDaysSinceModificationGreaterThan - (Optional) The age in days after last modification to tier blobs to archive storage. Supports blob currently at Hot or Cool tier. Must be between 0 and 99999. Defaults to 1.
  • tierToArchiveAfterDaysSinceLastAccessTimeGreaterThan - (Optional) The age in days after last access time to tier blobs to archive storage. Supports blob currently at Hot or Cool tier. Must be between 0 and 99999. Defaults to 1.
  • tierToArchiveAfterDaysSinceCreationGreaterThan - (Optional) The age in days after creation to tier blobs to archive storage. Supports blob currently at Hot or Cool tier. Must be between 0 and 99999. Defaults to 1.

Note: The tierToArchiveAfterDaysSinceModificationGreaterThan, tierToArchiveAfterDaysSinceLastAccessTimeGreaterThan and tierToArchiveAfterDaysSinceCreationGreaterThan cannot be set at the same time.

  • tierToArchiveAfterDaysSinceLastTierChangeGreaterThan - (Optional) The age in days after the last tier change; blobs whose tier changed more recently are skipped rather than archived. Must be between 0 and 99999. Defaults to 1.

  • deleteAfterDaysSinceModificationGreaterThan - (Optional) The age in days after last modification to delete the blob. Must be between 0 and 99999. Defaults to 1.

  • deleteAfterDaysSinceLastAccessTimeGreaterThan - (Optional) The age in days after last access time to delete the blob. Must be between 0 and 99999. Defaults to 1.

  • deleteAfterDaysSinceCreationGreaterThan - (Optional) The age in days after creation to delete the blob. Must be between 0 and 99999. Defaults to 1.

Note: The deleteAfterDaysSinceModificationGreaterThan, deleteAfterDaysSinceLastAccessTimeGreaterThan and deleteAfterDaysSinceCreationGreaterThan cannot be set at the same time.

Note: The lastAccessTimeEnabled must be set to true in the azurermStorageAccount in order to use tierToCoolAfterDaysSinceLastAccessTimeGreaterThan, tierToArchiveAfterDaysSinceLastAccessTimeGreaterThan and deleteAfterDaysSinceLastAccessTimeGreaterThan.
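
The baseBlob constraints in the notes above can be checked before synthesis, so that a rule which deletes or re-tiers blobs is rejected locally instead of at apply time. The following is an added example, not part of the provider or its generated bindings: checkBaseBlob and the BaseBlob type are hypothetical names, and the keys are the camelCase argument names listed above.

```typescript
// Added example, not provider code: checkBaseBlob is a hypothetical helper.
type BaseBlob = { [key: string]: number | boolean | undefined };

const ACTIONS = ["tierToCool", "tierToArchive", "delete"];
const BASES = ["Modification", "LastAccessTime", "Creation"];

function checkBaseBlob(b: BaseBlob, lastAccessTimeEnabled: boolean): string[] {
  const errors: string[] = [];
  const isSet = (k: string): boolean => b[k] !== undefined;

  for (const action of ACTIONS) {
    const keys = BASES.map((base) => `${action}AfterDaysSince${base}GreaterThan`);
    const used = keys.filter(isSet);
    // Only one of modification / last access time / creation per action.
    if (used.length > 1) errors.push(`${used.join(", ")} cannot be set at the same time`);
    // Last-access-time conditions need tracking enabled on the storage account.
    const lat = `${action}AfterDaysSinceLastAccessTimeGreaterThan`;
    if (isSet(lat) && !lastAccessTimeEnabled) {
      errors.push(`${lat} requires lastAccessTimeEnabled = true on the storage account`);
    }
  }
  // Every day count must be a whole number between 0 and 99999.
  for (const k of Object.keys(b)) {
    const v = b[k];
    if (typeof v === "number" && (Math.floor(v) !== v || v < 0 || v > 99999)) {
      errors.push(`${k} must be between 0 and 99999`);
    }
  }
  const coolByAccess = "tierToCoolAfterDaysSinceLastAccessTimeGreaterThan";
  if (b["autoTierToHotFromCoolEnabled"] === true && !isSet(coolByAccess)) {
    errors.push(`autoTierToHotFromCoolEnabled must be used together with ${coolByAccess}`);
  }
  return errors;
}

// Constructed inputs: the first mirrors rule1's base_blob from the example usage.
const fromPage: BaseBlob = {
  deleteAfterDaysSinceModificationGreaterThan: 100,
  tierToArchiveAfterDaysSinceModificationGreaterThan: 50,
  tierToCoolAfterDaysSinceModificationGreaterThan: 10,
};
const broken: BaseBlob = {
  tierToCoolAfterDaysSinceModificationGreaterThan: 10,
  tierToCoolAfterDaysSinceLastAccessTimeGreaterThan: 30,
  autoTierToHotFromCoolEnabled: true,
  deleteAfterDaysSinceCreationGreaterThan: 100000,
};
console.log(checkBaseBlob(fromPage, true));
console.log(checkBaseBlob(broken, false));
```
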


The snapshot block supports the following:

  • changeTierToArchiveAfterDaysSinceCreation - (Optional) The age in days after creation to tier blob snapshot to archive storage. Must be between 0 and 99999. Defaults to 1.
  • tierToArchiveAfterDaysSinceLastTierChangeGreaterThan - (Optional) The age in days after the last tier change; blobs whose tier changed more recently are skipped rather than archived. Must be between 0 and 99999. Defaults to 1.
  • changeTierToCoolAfterDaysSinceCreation - (Optional) The age in days after creation to tier blob snapshot to cool storage. Must be between 0 and 99999. Defaults to 1.
  • deleteAfterDaysSinceCreationGreaterThan - (Optional) The age in days after creation to delete the blob snapshot. Must be between 0 and 99999. Defaults to 1.

The version block supports the following:

  • changeTierToArchiveAfterDaysSinceCreation - (Optional) The age in days after creation to tier blob version to archive storage. Must be between 0 and 99999. Defaults to 1.
  • tierToArchiveAfterDaysSinceLastTierChangeGreaterThan - (Optional) The age in days after the last tier change; blobs whose tier changed more recently are skipped rather than archived. Must be between 0 and 99999. Defaults to 1.
  • changeTierToCoolAfterDaysSinceCreation - (Optional) The age in days after creation to tier blob version to cool storage. Must be between 0 and 99999. Defaults to 1.
  • deleteAfterDaysSinceCreation - (Optional) The age in days after creation to delete the blob version. Must be between 0 and 99999. Defaults to 1.

The matchBlobIndexTag block supports the following:

  • name - (Required) The filter tag name used for tag based filtering for blob objects.
  • operation - (Optional) The comparison operator which is used for object comparison and filtering. Possible value is ==. Defaults to ==.
  • value - (Required) The filter tag value used for tag based filtering for blob objects.

Attributes Reference

The following attributes are exported:

  • id - The ID of the Storage Account Management Policy.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Storage Account Management Policy.
  • update - (Defaults to 30 minutes) Used when updating the Storage Account Management Policy.
  • read - (Defaults to 5 minutes) Used when retrieving the Storage Account Management Policy.
  • delete - (Defaults to 30 minutes) Used when deleting the Storage Account Management Policy.

Import

Storage Account Management Policies can be imported using the resourceId, e.g.

terraform import azurerm_storage_management_policy.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/mygroup1/providers/Microsoft.Storage/storageAccounts/myaccountname/managementPolicies/default