The code samples and information provided within this document are solely for testing and learning purposes and should not be used in production environments.
I was looking into a way to list Storage Accounts that have (or do not have) Lifecycle Policies enabled and output them as JSON. The Azure Samples Repository does have a sample for polices, however, I couldn't figure out how to list policies since the sample only includes examples for Creating, Updating, Deleting and Getting a specific policy. The latter requires the Resource Group Name, Storage Account Name and Management Policy Name as parameter which did not seem helpful.
A check against the REST API documentation for Management Policies (Get) reveals that the URI Parameter managementPolicyName should always be default.
Based on aforementioned sample, the following should work.
from azure.identity import AzureCliCredential
from azure.mgmt.resource import SubscriptionClient
from azure.mgmt.storage import StorageManagementClient
import azure.mgmt.resourcegraph as arg
import jsoncredential = AzureCliCredential()This is taken from: https://learn.microsoft.com/en-us/azure/governance/resource-graph/first-query-python
def resource_graph_query( query ):
# Get your credentials from Azure CLI (development only!) and get your subscription list
subs_client = SubscriptionClient(credential)
subscriptions_dict = []
for subscription in subs_client.subscriptions.list():
subscriptions_dict.append(subscription.as_dict())
subscription_ids_dict = []
for subscription in subscriptions_dict:
subscription_ids_dict.append(subscription.get('subscription_id'))
# Create Azure Resource Graph client and set options
resource_graph_client = arg.ResourceGraphClient(credential)
resource_graph_query_options = arg.models.QueryRequestOptions(result_format="objectArray")
# Create query
resource_graph_query = arg.models.QueryRequest(subscriptions=subscription_ids_dict, query=query, options=resource_graph_query_options)
# Run query
resource_graph_query_results = resource_graph_client.resources(resource_graph_query)
# Show Python object
return resource_graph_query_resultsIn order to narrow down the results by a bit, I only queried Storage Accounts from one particular region. If there are a lot of storage accounts in scope this should be tested against a single account first to a) see if it works and b) get an idea about the performance.
query = "resources | where type =~ 'Microsoft.Storage/storageAccounts' | where location =~ 'eastus'"
storage_accounts = resource_graph_query(query).datafor storage_account in storage_accounts:
storage_client = StorageManagementClient(credential=credential, subscription_id=storage_account.get('subscriptionId'))
try:
print(json.dumps(storage_client.management_policies.get(
account_name=storage_account.get('name'),
resource_group_name=storage_account.get('resourceGroup'),
management_policy_name='default').as_dict()))
except Exception:
continueIf this worked, the output would be something like this:
{
"id": "/subscriptions/{subscription-id}/resourceGroups/resource_group_name/providers/Microsoft.Storage/storageAccounts/storageaccountname/managementPolicies/default",
"name": "DefaultManagementPolicy",
"type": "Microsoft.Storage/storageAccounts/managementPolicies",
"last_modified_time": "2022-09-23T09:00:20.182687Z",
"policy": {
"rules": [
{
"enabled": true,
"name": "Move Blobs to Cool After 1 Day",
"type": "Lifecycle",
"definition": {
"actions": {
"base_blob": {
"tier_to_cool": {
"days_after_modification_greater_than": 1.0
}
}
},
"filters": {
"blob_types": [
"blockBlob"
]
}
}
}
]
}
}| # | Title | URL |
|---|---|---|
| 1 | Optimize costs by automatically managing the data lifecycle | https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview |
| 2 | Azure Samples Repository | https://github.com/Azure-Samples |
| 3 | Management Policies - Get | https://learn.microsoft.com/en-us/rest/api/storagerp/management-policies/get |
| 4 | Quickstart: Run your first Resource Graph query using Python | https://learn.microsoft.com/en-us/azure/governance/resource-graph/first-query-python |