The azure-native:storage:ManagementPolicy resource, part of the Pulumi Azure Native provider, defines lifecycle management rules that automatically tier, archive, or delete blobs in Azure Storage accounts based on age, access patterns, or blob metadata. This guide focuses on three capabilities: time-based tiering strategies, blob filtering with prefixes and tags, and access-time and tier-change tracking.
Management policies apply to existing storage accounts and containers. Some features like last-access-time tracking require account-level configuration. The examples are intentionally small. Combine them with your own storage account setup and monitoring.
Tier and delete blobs based on modification time
Most lifecycle policies move blobs through storage tiers as they age, reducing costs by archiving infrequently accessed data and eventually deleting it.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const managementPolicy = new azure_native.storage.ManagementPolicy("managementPolicy", {
accountName: "sto9699",
managementPolicyName: "default",
policy: {
rules: [
{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterModificationGreaterThan: 90,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
snapshot: {
"delete": {
daysAfterCreationGreaterThan: 30,
},
},
},
filters: {
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer1"],
},
},
enabled: true,
name: "olcmtest1",
type: azure_native.storage.RuleType.Lifecycle,
},
{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterModificationGreaterThan: 90,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
},
filters: {
blobIndexMatch: [
{
name: "tag1",
op: "==",
value: "val1",
},
{
name: "tag2",
op: "==",
value: "val2",
},
],
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer2"],
},
},
enabled: true,
name: "olcmtest2",
type: azure_native.storage.RuleType.Lifecycle,
},
],
},
resourceGroupName: "res7687",
});
import pulumi
import pulumi_azure_native as azure_native
management_policy = azure_native.storage.ManagementPolicy("managementPolicy",
account_name="sto9699",
management_policy_name="default",
policy={
"rules": [
{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_modification_greater_than": 90,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
"snapshot": {
"delete": {
"days_after_creation_greater_than": 30,
},
},
},
"filters": {
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer1"],
},
},
"enabled": True,
"name": "olcmtest1",
"type": azure_native.storage.RuleType.LIFECYCLE,
},
{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_modification_greater_than": 90,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
},
"filters": {
"blob_index_match": [
{
"name": "tag1",
"op": "==",
"value": "val1",
},
{
"name": "tag2",
"op": "==",
"value": "val2",
},
],
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer2"],
},
},
"enabled": True,
"name": "olcmtest2",
"type": azure_native.storage.RuleType.LIFECYCLE,
},
],
},
resource_group_name="res7687")
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewManagementPolicy(ctx, "managementPolicy", &storage.ManagementPolicyArgs{
AccountName: pulumi.String("sto9699"),
ManagementPolicyName: pulumi.String("default"),
Policy: &storage.ManagementPolicySchemaArgs{
Rules: storage.ManagementPolicyRuleArray{
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
Snapshot: &storage.ManagementPolicySnapShotArgs{
Delete: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer1"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest1"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobIndexMatch: storage.TagFilterArray{
&storage.TagFilterArgs{
Name: pulumi.String("tag1"),
Op: pulumi.String("=="),
Value: pulumi.String("val1"),
},
&storage.TagFilterArgs{
Name: pulumi.String("tag2"),
Op: pulumi.String("=="),
Value: pulumi.String("val2"),
},
},
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer2"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest2"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
},
},
ResourceGroupName: pulumi.String("res7687"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var managementPolicy = new AzureNative.Storage.ManagementPolicy("managementPolicy", new()
{
AccountName = "sto9699",
ManagementPolicyName = "default",
Policy = new AzureNative.Storage.Inputs.ManagementPolicySchemaArgs
{
Rules = new[]
{
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
Snapshot = new AzureNative.Storage.Inputs.ManagementPolicySnapShotArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer1",
},
},
},
Enabled = true,
Name = "olcmtest1",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobIndexMatch = new[]
{
new AzureNative.Storage.Inputs.TagFilterArgs
{
Name = "tag1",
Op = "==",
Value = "val1",
},
new AzureNative.Storage.Inputs.TagFilterArgs
{
Name = "tag2",
Op = "==",
Value = "val2",
},
},
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer2",
},
},
},
Enabled = true,
Name = "olcmtest2",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
},
},
ResourceGroupName = "res7687",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.ManagementPolicy;
import com.pulumi.azurenative.storage.ManagementPolicyArgs;
import com.pulumi.azurenative.storage.inputs.ManagementPolicySchemaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var managementPolicy = new ManagementPolicy("managementPolicy", ManagementPolicyArgs.builder()
.accountName("sto9699")
.managementPolicyName("default")
.policy(ManagementPolicySchemaArgs.builder()
.rules(
ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.snapshot(ManagementPolicySnapShotArgs.builder()
.delete(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer1")
.build())
.build())
.enabled(true)
.name("olcmtest1")
.type("Lifecycle")
.build(),
ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobIndexMatch(
TagFilterArgs.builder()
.name("tag1")
.op("==")
.value("val1")
.build(),
TagFilterArgs.builder()
.name("tag2")
.op("==")
.value("val2")
.build())
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer2")
.build())
.build())
.enabled(true)
.name("olcmtest2")
.type("Lifecycle")
.build())
.build())
.resourceGroupName("res7687")
.build());
}
}
resources:
managementPolicy:
type: azure-native:storage:ManagementPolicy
properties:
accountName: sto9699
managementPolicyName: default
policy:
rules:
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterModificationGreaterThan: 90
tierToCool:
daysAfterModificationGreaterThan: 30
snapshot:
delete:
daysAfterCreationGreaterThan: 30
filters:
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer1
enabled: true
name: olcmtest1
type: Lifecycle
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterModificationGreaterThan: 90
tierToCool:
daysAfterModificationGreaterThan: 30
filters:
blobIndexMatch:
- name: tag1
op: ==
value: val1
- name: tag2
op: ==
value: val2
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer2
enabled: true
name: olcmtest2
type: Lifecycle
resourceGroupName: res7687
The policy evaluates each blob’s modification time against the thresholds you set. The baseBlob actions define what happens to current blob versions: tierToCool moves blobs to Cool storage after 30 days, tierToArchive moves them to Archive after 90 days, and delete removes them after 1000 days. The filters property uses prefixMatch to target specific containers and blobTypes to specify which blob types the rule applies to.
Filter blobs by container prefix and blob index tags
When different containers or blob sets need different lifecycle rules, you can target specific blobs using container prefixes or blob index tags.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const managementPolicy = new azure_native.storage.ManagementPolicy("managementPolicy", {
accountName: "sto9699",
managementPolicyName: "default",
policy: {
rules: [
{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterModificationGreaterThan: 90,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
snapshot: {
"delete": {
daysAfterCreationGreaterThan: 30,
},
},
},
filters: {
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer1"],
},
},
enabled: true,
name: "olcmtest1",
type: azure_native.storage.RuleType.Lifecycle,
},
{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterModificationGreaterThan: 90,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
},
filters: {
blobIndexMatch: [
{
name: "tag1",
op: "==",
value: "val1",
},
{
name: "tag2",
op: "==",
value: "val2",
},
],
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer2"],
},
},
enabled: true,
name: "olcmtest2",
type: azure_native.storage.RuleType.Lifecycle,
},
],
},
resourceGroupName: "res7687",
});
import pulumi
import pulumi_azure_native as azure_native
management_policy = azure_native.storage.ManagementPolicy("managementPolicy",
account_name="sto9699",
management_policy_name="default",
policy={
"rules": [
{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_modification_greater_than": 90,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
"snapshot": {
"delete": {
"days_after_creation_greater_than": 30,
},
},
},
"filters": {
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer1"],
},
},
"enabled": True,
"name": "olcmtest1",
"type": azure_native.storage.RuleType.LIFECYCLE,
},
{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_modification_greater_than": 90,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
},
"filters": {
"blob_index_match": [
{
"name": "tag1",
"op": "==",
"value": "val1",
},
{
"name": "tag2",
"op": "==",
"value": "val2",
},
],
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer2"],
},
},
"enabled": True,
"name": "olcmtest2",
"type": azure_native.storage.RuleType.LIFECYCLE,
},
],
},
resource_group_name="res7687")
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewManagementPolicy(ctx, "managementPolicy", &storage.ManagementPolicyArgs{
AccountName: pulumi.String("sto9699"),
ManagementPolicyName: pulumi.String("default"),
Policy: &storage.ManagementPolicySchemaArgs{
Rules: storage.ManagementPolicyRuleArray{
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
Snapshot: &storage.ManagementPolicySnapShotArgs{
Delete: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer1"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest1"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobIndexMatch: storage.TagFilterArray{
&storage.TagFilterArgs{
Name: pulumi.String("tag1"),
Op: pulumi.String("=="),
Value: pulumi.String("val1"),
},
&storage.TagFilterArgs{
Name: pulumi.String("tag2"),
Op: pulumi.String("=="),
Value: pulumi.String("val2"),
},
},
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer2"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest2"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
},
},
ResourceGroupName: pulumi.String("res7687"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var managementPolicy = new AzureNative.Storage.ManagementPolicy("managementPolicy", new()
{
AccountName = "sto9699",
ManagementPolicyName = "default",
Policy = new AzureNative.Storage.Inputs.ManagementPolicySchemaArgs
{
Rules = new[]
{
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
Snapshot = new AzureNative.Storage.Inputs.ManagementPolicySnapShotArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer1",
},
},
},
Enabled = true,
Name = "olcmtest1",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobIndexMatch = new[]
{
new AzureNative.Storage.Inputs.TagFilterArgs
{
Name = "tag1",
Op = "==",
Value = "val1",
},
new AzureNative.Storage.Inputs.TagFilterArgs
{
Name = "tag2",
Op = "==",
Value = "val2",
},
},
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer2",
},
},
},
Enabled = true,
Name = "olcmtest2",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
},
},
ResourceGroupName = "res7687",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.ManagementPolicy;
import com.pulumi.azurenative.storage.ManagementPolicyArgs;
import com.pulumi.azurenative.storage.inputs.ManagementPolicySchemaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var managementPolicy = new ManagementPolicy("managementPolicy", ManagementPolicyArgs.builder()
.accountName("sto9699")
.managementPolicyName("default")
.policy(ManagementPolicySchemaArgs.builder()
.rules(
ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.snapshot(ManagementPolicySnapShotArgs.builder()
.delete(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer1")
.build())
.build())
.enabled(true)
.name("olcmtest1")
.type("Lifecycle")
.build(),
ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobIndexMatch(
TagFilterArgs.builder()
.name("tag1")
.op("==")
.value("val1")
.build(),
TagFilterArgs.builder()
.name("tag2")
.op("==")
.value("val2")
.build())
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer2")
.build())
.build())
.enabled(true)
.name("olcmtest2")
.type("Lifecycle")
.build())
.build())
.resourceGroupName("res7687")
.build());
}
}
resources:
managementPolicy:
type: azure-native:storage:ManagementPolicy
properties:
accountName: sto9699
managementPolicyName: default
policy:
rules:
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterModificationGreaterThan: 90
tierToCool:
daysAfterModificationGreaterThan: 30
snapshot:
delete:
daysAfterCreationGreaterThan: 30
filters:
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer1
enabled: true
name: olcmtest1
type: Lifecycle
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterModificationGreaterThan: 90
tierToCool:
daysAfterModificationGreaterThan: 30
filters:
blobIndexMatch:
- name: tag1
op: ==
value: val1
- name: tag2
op: ==
value: val2
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer2
enabled: true
name: olcmtest2
type: Lifecycle
resourceGroupName: res7687
The second rule in this example demonstrates tag-based filtering. The blobIndexMatch array defines tag conditions that blobs must meet for the rule to apply. Each TagFilter specifies a tag name, operator (typically “==”), and value. This lets you apply different lifecycle policies to blobs based on metadata rather than just container location.
Use Cold tier for intermediate storage costs
The Cold tier sits between Cool and Archive, offering lower storage costs than Cool with faster access than Archive for data accessed a few times per year.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const managementPolicy = new azure_native.storage.ManagementPolicy("managementPolicy", {
accountName: "sto9699",
managementPolicyName: "default",
policy: {
rules: [{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterModificationGreaterThan: 90,
},
tierToCold: {
daysAfterModificationGreaterThan: 30,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
snapshot: {
"delete": {
daysAfterCreationGreaterThan: 30,
},
tierToCold: {
daysAfterCreationGreaterThan: 30,
},
},
version: {
"delete": {
daysAfterCreationGreaterThan: 30,
},
tierToCold: {
daysAfterCreationGreaterThan: 30,
},
},
},
filters: {
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer1"],
},
},
enabled: true,
name: "olcmtest1",
type: azure_native.storage.RuleType.Lifecycle,
}],
},
resourceGroupName: "res7687",
});
import pulumi
import pulumi_azure_native as azure_native
management_policy = azure_native.storage.ManagementPolicy("managementPolicy",
account_name="sto9699",
management_policy_name="default",
policy={
"rules": [{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_modification_greater_than": 90,
},
"tier_to_cold": {
"days_after_modification_greater_than": 30,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
"snapshot": {
"delete": {
"days_after_creation_greater_than": 30,
},
"tier_to_cold": {
"days_after_creation_greater_than": 30,
},
},
"version": {
"delete": {
"days_after_creation_greater_than": 30,
},
"tier_to_cold": {
"days_after_creation_greater_than": 30,
},
},
},
"filters": {
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer1"],
},
},
"enabled": True,
"name": "olcmtest1",
"type": azure_native.storage.RuleType.LIFECYCLE,
}],
},
resource_group_name="res7687")
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewManagementPolicy(ctx, "managementPolicy", &storage.ManagementPolicyArgs{
AccountName: pulumi.String("sto9699"),
ManagementPolicyName: pulumi.String("default"),
Policy: &storage.ManagementPolicySchemaArgs{
Rules: storage.ManagementPolicyRuleArray{
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCold: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
Snapshot: &storage.ManagementPolicySnapShotArgs{
Delete: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
TierToCold: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
},
Version: &storage.ManagementPolicyVersionArgs{
Delete: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
TierToCold: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer1"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest1"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
},
},
ResourceGroupName: pulumi.String("res7687"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var managementPolicy = new AzureNative.Storage.ManagementPolicy("managementPolicy", new()
{
AccountName = "sto9699",
ManagementPolicyName = "default",
Policy = new AzureNative.Storage.Inputs.ManagementPolicySchemaArgs
{
Rules = new[]
{
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 90,
},
TierToCold = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
Snapshot = new AzureNative.Storage.Inputs.ManagementPolicySnapShotArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
TierToCold = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
},
Version = new AzureNative.Storage.Inputs.ManagementPolicyVersionArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
TierToCold = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer1",
},
},
},
Enabled = true,
Name = "olcmtest1",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
},
},
ResourceGroupName = "res7687",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.ManagementPolicy;
import com.pulumi.azurenative.storage.ManagementPolicyArgs;
import com.pulumi.azurenative.storage.inputs.ManagementPolicySchemaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var managementPolicy = new ManagementPolicy("managementPolicy", ManagementPolicyArgs.builder()
.accountName("sto9699")
.managementPolicyName("default")
.policy(ManagementPolicySchemaArgs.builder()
.rules(ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCold(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.snapshot(ManagementPolicySnapShotArgs.builder()
.delete(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.tierToCold(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.build())
.version(ManagementPolicyVersionArgs.builder()
.delete(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.tierToCold(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer1")
.build())
.build())
.enabled(true)
.name("olcmtest1")
.type("Lifecycle")
.build())
.build())
.resourceGroupName("res7687")
.build());
}
}
resources:
managementPolicy:
type: azure-native:storage:ManagementPolicy
properties:
accountName: sto9699
managementPolicyName: default
policy:
rules:
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterModificationGreaterThan: 90
tierToCold:
daysAfterModificationGreaterThan: 30
tierToCool:
daysAfterModificationGreaterThan: 30
snapshot:
delete:
daysAfterCreationGreaterThan: 30
tierToCold:
daysAfterCreationGreaterThan: 30
version:
delete:
daysAfterCreationGreaterThan: 30
tierToCold:
daysAfterCreationGreaterThan: 30
filters:
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer1
enabled: true
name: olcmtest1
type: Lifecycle
resourceGroupName: res7687
The tierToCold action moves blobs to Cold storage, which costs less than Cool but more than Archive. This example also shows how to apply lifecycle rules to snapshots and versions: the snapshot and version blocks define separate tiering schedules based on creation time rather than modification time.
Tier blobs based on last access time
Access-time tracking enables policies that respond to actual usage patterns rather than just blob age, moving cold data to cheaper tiers while keeping frequently accessed data hot.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const managementPolicy = new azure_native.storage.ManagementPolicy("managementPolicy", {
accountName: "sto9699",
managementPolicyName: "default",
policy: {
rules: [{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterLastAccessTimeGreaterThan: 1000,
},
enableAutoTierToHotFromCool: true,
tierToArchive: {
daysAfterLastAccessTimeGreaterThan: 90,
},
tierToCool: {
daysAfterLastAccessTimeGreaterThan: 30,
},
},
snapshot: {
"delete": {
daysAfterCreationGreaterThan: 30,
},
},
},
filters: {
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer"],
},
},
enabled: true,
name: "olcmtest",
type: azure_native.storage.RuleType.Lifecycle,
}],
},
resourceGroupName: "res7687",
});
import pulumi
import pulumi_azure_native as azure_native
management_policy = azure_native.storage.ManagementPolicy("managementPolicy",
account_name="sto9699",
management_policy_name="default",
policy={
"rules": [{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_last_access_time_greater_than": 1000,
},
"enable_auto_tier_to_hot_from_cool": True,
"tier_to_archive": {
"days_after_last_access_time_greater_than": 90,
},
"tier_to_cool": {
"days_after_last_access_time_greater_than": 30,
},
},
"snapshot": {
"delete": {
"days_after_creation_greater_than": 30,
},
},
},
"filters": {
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer"],
},
},
"enabled": True,
"name": "olcmtest",
"type": azure_native.storage.RuleType.LIFECYCLE,
}],
},
resource_group_name="res7687")
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewManagementPolicy(ctx, "managementPolicy", &storage.ManagementPolicyArgs{
AccountName: pulumi.String("sto9699"),
ManagementPolicyName: pulumi.String("default"),
Policy: &storage.ManagementPolicySchemaArgs{
Rules: storage.ManagementPolicyRuleArray{
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterLastAccessTimeGreaterThan: pulumi.Float64(1000),
},
EnableAutoTierToHotFromCool: pulumi.Bool(true),
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterLastAccessTimeGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterLastAccessTimeGreaterThan: pulumi.Float64(30),
},
},
Snapshot: &storage.ManagementPolicySnapShotArgs{
Delete: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
},
},
ResourceGroupName: pulumi.String("res7687"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var managementPolicy = new AzureNative.Storage.ManagementPolicy("managementPolicy", new()
{
AccountName = "sto9699",
ManagementPolicyName = "default",
Policy = new AzureNative.Storage.Inputs.ManagementPolicySchemaArgs
{
Rules = new[]
{
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterLastAccessTimeGreaterThan = 1000,
},
EnableAutoTierToHotFromCool = true,
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterLastAccessTimeGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterLastAccessTimeGreaterThan = 30,
},
},
Snapshot = new AzureNative.Storage.Inputs.ManagementPolicySnapShotArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer",
},
},
},
Enabled = true,
Name = "olcmtest",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
},
},
ResourceGroupName = "res7687",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.ManagementPolicy;
import com.pulumi.azurenative.storage.ManagementPolicyArgs;
import com.pulumi.azurenative.storage.inputs.ManagementPolicySchemaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var managementPolicy = new ManagementPolicy("managementPolicy", ManagementPolicyArgs.builder()
.accountName("sto9699")
.managementPolicyName("default")
.policy(ManagementPolicySchemaArgs.builder()
.rules(ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterLastAccessTimeGreaterThan(1000.0)
.build())
.enableAutoTierToHotFromCool(true)
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterLastAccessTimeGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterLastAccessTimeGreaterThan(30.0)
.build())
.build())
.snapshot(ManagementPolicySnapShotArgs.builder()
.delete(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer")
.build())
.build())
.enabled(true)
.name("olcmtest")
.type("Lifecycle")
.build())
.build())
.resourceGroupName("res7687")
.build());
}
}
resources:
managementPolicy:
type: azure-native:storage:ManagementPolicy
properties:
accountName: sto9699
managementPolicyName: default
policy:
rules:
- definition:
actions:
baseBlob:
delete:
daysAfterLastAccessTimeGreaterThan: 1000
enableAutoTierToHotFromCool: true
tierToArchive:
daysAfterLastAccessTimeGreaterThan: 90
tierToCool:
daysAfterLastAccessTimeGreaterThan: 30
snapshot:
delete:
daysAfterCreationGreaterThan: 30
filters:
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer
enabled: true
name: olcmtest
type: Lifecycle
resourceGroupName: res7687
The daysAfterLastAccessTimeGreaterThan property triggers actions based on when blobs were last read, not when they were created or modified. The enableAutoTierToHotFromCool property automatically moves blobs back to Hot tier when they’re accessed from Cool, optimizing for workloads with unpredictable access patterns. This requires last access time tracking to be enabled on the storage account.
Control tier transitions with cooldown periods
Some workloads need to prevent rapid tier changes that could increase costs or cause performance issues. Tier change tracking adds minimum time requirements between transitions.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const managementPolicy = new azure_native.storage.ManagementPolicy("managementPolicy", {
accountName: "sto9699",
managementPolicyName: "default",
policy: {
rules: [{
definition: {
actions: {
baseBlob: {
"delete": {
daysAfterModificationGreaterThan: 1000,
},
tierToArchive: {
daysAfterLastTierChangeGreaterThan: 120,
daysAfterModificationGreaterThan: 90,
},
tierToCool: {
daysAfterModificationGreaterThan: 30,
},
},
snapshot: {
tierToArchive: {
daysAfterCreationGreaterThan: 30,
daysAfterLastTierChangeGreaterThan: 90,
},
},
version: {
tierToArchive: {
daysAfterCreationGreaterThan: 30,
daysAfterLastTierChangeGreaterThan: 90,
},
},
},
filters: {
blobTypes: ["blockBlob"],
prefixMatch: ["olcmtestcontainer"],
},
},
enabled: true,
name: "olcmtest",
type: azure_native.storage.RuleType.Lifecycle,
}],
},
resourceGroupName: "res7687",
});
import pulumi
import pulumi_azure_native as azure_native
management_policy = azure_native.storage.ManagementPolicy("managementPolicy",
account_name="sto9699",
management_policy_name="default",
policy={
"rules": [{
"definition": {
"actions": {
"base_blob": {
"delete": {
"days_after_modification_greater_than": 1000,
},
"tier_to_archive": {
"days_after_last_tier_change_greater_than": 120,
"days_after_modification_greater_than": 90,
},
"tier_to_cool": {
"days_after_modification_greater_than": 30,
},
},
"snapshot": {
"tier_to_archive": {
"days_after_creation_greater_than": 30,
"days_after_last_tier_change_greater_than": 90,
},
},
"version": {
"tier_to_archive": {
"days_after_creation_greater_than": 30,
"days_after_last_tier_change_greater_than": 90,
},
},
},
"filters": {
"blob_types": ["blockBlob"],
"prefix_match": ["olcmtestcontainer"],
},
},
"enabled": True,
"name": "olcmtest",
"type": azure_native.storage.RuleType.LIFECYCLE,
}],
},
resource_group_name="res7687")
package main
import (
storage "github.com/pulumi/pulumi-azure-native-sdk/storage/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := storage.NewManagementPolicy(ctx, "managementPolicy", &storage.ManagementPolicyArgs{
AccountName: pulumi.String("sto9699"),
ManagementPolicyName: pulumi.String("default"),
Policy: &storage.ManagementPolicySchemaArgs{
Rules: storage.ManagementPolicyRuleArray{
&storage.ManagementPolicyRuleArgs{
Definition: &storage.ManagementPolicyDefinitionArgs{
Actions: &storage.ManagementPolicyActionArgs{
BaseBlob: &storage.ManagementPolicyBaseBlobArgs{
Delete: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(1000),
},
TierToArchive: &storage.DateAfterModificationArgs{
DaysAfterLastTierChangeGreaterThan: pulumi.Float64(120),
DaysAfterModificationGreaterThan: pulumi.Float64(90),
},
TierToCool: &storage.DateAfterModificationArgs{
DaysAfterModificationGreaterThan: pulumi.Float64(30),
},
},
Snapshot: &storage.ManagementPolicySnapShotArgs{
TierToArchive: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
DaysAfterLastTierChangeGreaterThan: pulumi.Float64(90),
},
},
Version: &storage.ManagementPolicyVersionArgs{
TierToArchive: &storage.DateAfterCreationArgs{
DaysAfterCreationGreaterThan: pulumi.Float64(30),
DaysAfterLastTierChangeGreaterThan: pulumi.Float64(90),
},
},
},
Filters: &storage.ManagementPolicyFilterArgs{
BlobTypes: pulumi.StringArray{
pulumi.String("blockBlob"),
},
PrefixMatch: pulumi.StringArray{
pulumi.String("olcmtestcontainer"),
},
},
},
Enabled: pulumi.Bool(true),
Name: pulumi.String("olcmtest"),
Type: pulumi.String(storage.RuleTypeLifecycle),
},
},
},
ResourceGroupName: pulumi.String("res7687"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var managementPolicy = new AzureNative.Storage.ManagementPolicy("managementPolicy", new()
{
AccountName = "sto9699",
ManagementPolicyName = "default",
Policy = new AzureNative.Storage.Inputs.ManagementPolicySchemaArgs
{
Rules = new[]
{
new AzureNative.Storage.Inputs.ManagementPolicyRuleArgs
{
Definition = new AzureNative.Storage.Inputs.ManagementPolicyDefinitionArgs
{
Actions = new AzureNative.Storage.Inputs.ManagementPolicyActionArgs
{
BaseBlob = new AzureNative.Storage.Inputs.ManagementPolicyBaseBlobArgs
{
Delete = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 1000,
},
TierToArchive = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterLastTierChangeGreaterThan = 120,
DaysAfterModificationGreaterThan = 90,
},
TierToCool = new AzureNative.Storage.Inputs.DateAfterModificationArgs
{
DaysAfterModificationGreaterThan = 30,
},
},
Snapshot = new AzureNative.Storage.Inputs.ManagementPolicySnapShotArgs
{
TierToArchive = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
DaysAfterLastTierChangeGreaterThan = 90,
},
},
Version = new AzureNative.Storage.Inputs.ManagementPolicyVersionArgs
{
TierToArchive = new AzureNative.Storage.Inputs.DateAfterCreationArgs
{
DaysAfterCreationGreaterThan = 30,
DaysAfterLastTierChangeGreaterThan = 90,
},
},
},
Filters = new AzureNative.Storage.Inputs.ManagementPolicyFilterArgs
{
BlobTypes = new[]
{
"blockBlob",
},
PrefixMatch = new[]
{
"olcmtestcontainer",
},
},
},
Enabled = true,
Name = "olcmtest",
Type = AzureNative.Storage.RuleType.Lifecycle,
},
},
},
ResourceGroupName = "res7687",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.storage.ManagementPolicy;
import com.pulumi.azurenative.storage.ManagementPolicyArgs;
import com.pulumi.azurenative.storage.inputs.ManagementPolicySchemaArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var managementPolicy = new ManagementPolicy("managementPolicy", ManagementPolicyArgs.builder()
.accountName("sto9699")
.managementPolicyName("default")
.policy(ManagementPolicySchemaArgs.builder()
.rules(ManagementPolicyRuleArgs.builder()
.definition(ManagementPolicyDefinitionArgs.builder()
.actions(ManagementPolicyActionArgs.builder()
.baseBlob(ManagementPolicyBaseBlobArgs.builder()
.delete(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(1000.0)
.build())
.tierToArchive(DateAfterModificationArgs.builder()
.daysAfterLastTierChangeGreaterThan(120.0)
.daysAfterModificationGreaterThan(90.0)
.build())
.tierToCool(DateAfterModificationArgs.builder()
.daysAfterModificationGreaterThan(30.0)
.build())
.build())
.snapshot(ManagementPolicySnapShotArgs.builder()
.tierToArchive(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.daysAfterLastTierChangeGreaterThan(90.0)
.build())
.build())
.version(ManagementPolicyVersionArgs.builder()
.tierToArchive(DateAfterCreationArgs.builder()
.daysAfterCreationGreaterThan(30.0)
.daysAfterLastTierChangeGreaterThan(90.0)
.build())
.build())
.build())
.filters(ManagementPolicyFilterArgs.builder()
.blobTypes("blockBlob")
.prefixMatch("olcmtestcontainer")
.build())
.build())
.enabled(true)
.name("olcmtest")
.type("Lifecycle")
.build())
.build())
.resourceGroupName("res7687")
.build());
}
}
resources:
managementPolicy:
type: azure-native:storage:ManagementPolicy
properties:
accountName: sto9699
managementPolicyName: default
policy:
rules:
- definition:
actions:
baseBlob:
delete:
daysAfterModificationGreaterThan: 1000
tierToArchive:
daysAfterLastTierChangeGreaterThan: 120
daysAfterModificationGreaterThan: 90
tierToCool:
daysAfterModificationGreaterThan: 30
snapshot:
tierToArchive:
daysAfterCreationGreaterThan: 30
daysAfterLastTierChangeGreaterThan: 90
version:
tierToArchive:
daysAfterCreationGreaterThan: 30
daysAfterLastTierChangeGreaterThan: 90
filters:
blobTypes:
- blockBlob
prefixMatch:
- olcmtestcontainer
enabled: true
name: olcmtest
type: Lifecycle
resourceGroupName: res7687
The daysAfterLastTierChangeGreaterThan property enforces a minimum time in the current tier before allowing another transition. In this example, blobs must remain in Cool tier for at least 120 days before moving to Archive, even if they meet the 90-day modification threshold. This prevents thrashing between tiers for blobs with fluctuating access patterns.
Beyond these examples
These snippets focus on specific lifecycle management features: time-based tiering (modification, creation, access, tier change), blob filtering (prefixes and index tags), and snapshot and version lifecycle management. They’re intentionally minimal rather than full storage lifecycle solutions.
The examples reference pre-existing infrastructure such as Azure storage accounts with blob containers, resource groups, and last access time tracking (for access-based policies). They focus on configuring lifecycle rules rather than provisioning the storage infrastructure.
To keep things focused, common lifecycle patterns are omitted, including:
- Rule enablement and disabling (enabled property)
- Multiple blob types in filters (pageBlob support)
- Tier-to-Hot actions for rehydration workflows
- Delete actions for snapshots and versions
These omissions are intentional: the goal is to illustrate how each lifecycle rule feature is wired, not provide drop-in storage management modules. See the ManagementPolicy resource reference for all available configuration options.
Let's configure Azure Storage Management Policies
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Policy Configuration
Why must the management policy name always be 'default'?
The
managementPolicyName property must be set to "default" as it’s the only supported value for storage account management policies. This is an immutable property.What properties are immutable after creation?
The
accountName, managementPolicyName, and resourceGroupName properties cannot be changed after the management policy is created.Lifecycle Actions & Triggers
What time-based triggers can I use for lifecycle rules?
You can trigger actions based on four different time metrics:
- daysAfterModificationGreaterThan - Days since blob was last modified
- daysAfterCreationGreaterThan - Days since blob was created
- daysAfterLastAccessTimeGreaterThan - Days since blob was last accessed
- daysAfterLastTierChangeGreaterThan - Days since blob’s storage tier was changed
What storage tier actions can I configure?
Management policies support five lifecycle actions:
delete- Delete the blobtierToCool- Move blob to Cool tiertierToHot- Move blob to Hot tiertierToCold- Move blob to Cold tiertierToArchive- Move blob to Archive tier
What's the difference between daysAfterModification and daysAfterCreation triggers?
daysAfterModificationGreaterThan counts from the last time a blob was modified, while daysAfterCreationGreaterThan counts from when the blob was originally created. For base blobs, both can be used; for snapshots and versions, only daysAfterCreationGreaterThan is available since they’re immutable.How do I tier blobs based on last access time?
Use
daysAfterLastAccessTimeGreaterThan in your action definitions. For example, to tier to Cool after 30 days of no access, set tierToCool.daysAfterLastAccessTimeGreaterThan to 30. This requires last access time tracking to be enabled on your storage account.What does enableAutoTierToHotFromCool do?
Setting
enableAutoTierToHotFromCool to true automatically moves blobs from Cool tier back to Hot tier when they’re accessed, optimizing for access patterns. This works in conjunction with last access time-based rules.Filtering & Targeting
How do I filter which blobs a lifecycle rule applies to?
Use the filters property with three options:
- blobTypes - Specify blob types like
"blockBlob"or"appendBlob" - prefixMatch - Match blobs by container/path prefix (e.g.,
["container1/logs"]) - blobIndexMatch - Filter by blob index tags using name, operator (
"=="), and value
Can I apply lifecycle rules to both block blobs and append blobs?
Yes, specify multiple blob types in the
blobTypes array, such as ["blockBlob", "appendBlob"]. Each rule can target different blob types.How do I filter lifecycle rules by blob tags?
Use
blobIndexMatch with an array of tag filters. Each filter specifies name (tag name), op (operator, typically "=="), and value (tag value). For example: [{name: "tag1", op: "==", value: "val1"}].Snapshots & Versions
Can I manage snapshot and version lifecycles separately from base blobs?
Yes, define separate actions for
baseBlob, snapshot, and version within the same rule. Snapshots and versions use creation-based triggers (daysAfterCreationGreaterThan) since they’re immutable, while base blobs can use modification-based triggers.What lifecycle actions are available for snapshots and versions?
Snapshots and versions support
delete, tierToCool, tierToCold, tierToHot, and tierToArchive actions, all triggered by daysAfterCreationGreaterThan or daysAfterLastTierChangeGreaterThan.