DEV Community

holger
holger

Posted on

How to use the Azure SDK for Python to list Storage Account Lifecycle Policies

The code samples and information provided within this document are solely for testing and learning purposes and should not be used in production environments.


I was looking into a way to list Storage Accounts that have (or do not have) Lifecycle Policies enabled and output them as JSON.
The Azure Samples Repository does have a sample for polices, however, I couldn't figure out how to list policies since the sample only includes examples for Creating, Updating, Deleting and Getting a specific policy.
The latter requires the Resource Group Name, Storage Account Name and Management Policy Name as parameter which did not seem helpful.

A check against the REST API documentation for Management Policies (Get) reveals that the URI Parameter managementPolicyName should always be default.

Based on aforementioned sample, the following should work.

Import Libraries

from azure.identity import AzureCliCredential
from azure.mgmt.resource import SubscriptionClient
from azure.mgmt.storage import StorageManagementClient
import azure.mgmt.resourcegraph as arg
import json
Enter fullscreen mode Exit fullscreen mode

Create the Credential Client

credential = AzureCliCredential()
Enter fullscreen mode Exit fullscreen mode

Create the Resource Graph Query Function

This is taken from: https://learn.microsoft.com/en-us/azure/governance/resource-graph/first-query-python

def resource_graph_query( query ):
    # Get your credentials from Azure CLI (development only!) and get your subscription list
    subs_client = SubscriptionClient(credential)
    subscriptions_dict = []

    for subscription in subs_client.subscriptions.list():
        subscriptions_dict.append(subscription.as_dict())

    subscription_ids_dict = []

    for subscription in subscriptions_dict:
        subscription_ids_dict.append(subscription.get('subscription_id'))

    # Create Azure Resource Graph client and set options
    resource_graph_client = arg.ResourceGraphClient(credential)
    resource_graph_query_options = arg.models.QueryRequestOptions(result_format="objectArray")

    # Create query
    resource_graph_query = arg.models.QueryRequest(subscriptions=subscription_ids_dict, query=query, options=resource_graph_query_options)

    # Run query
    resource_graph_query_results = resource_graph_client.resources(resource_graph_query)

    # Show Python object
    return resource_graph_query_results
Enter fullscreen mode Exit fullscreen mode

Query all Storage Accounts

In order to narrow down the results by a bit, I only queried Storage Accounts from one particular region. If there are a lot of storage accounts in scope this should be tested against a single account first to a) see if it works and b) get an idea about the performance.

query = "resources | where type =~ 'Microsoft.Storage/storageAccounts' | where location =~ 'eastus'"

storage_accounts = resource_graph_query(query).data
Enter fullscreen mode Exit fullscreen mode

Retrieve the Storage Account Lifecycle Policies

for storage_account in storage_accounts:
    storage_client = StorageManagementClient(credential=credential, subscription_id=storage_account.get('subscriptionId'))
    try:
        print(json.dumps(storage_client.management_policies.get(
            account_name=storage_account.get('name'), 
            resource_group_name=storage_account.get('resourceGroup'), 
            management_policy_name='default').as_dict()))
    except Exception:
        continue
Enter fullscreen mode Exit fullscreen mode

If this worked, the output would be something like this:

{
    "id": "/subscriptions/{subscription-id}/resourceGroups/resource_group_name/providers/Microsoft.Storage/storageAccounts/storageaccountname/managementPolicies/default",
    "name": "DefaultManagementPolicy",
    "type": "Microsoft.Storage/storageAccounts/managementPolicies",
    "last_modified_time": "2022-09-23T09:00:20.182687Z",
    "policy": {
        "rules": [
            {
                "enabled": true,
                "name": "Move Blobs to Cool After 1 Day",
                "type": "Lifecycle",
                "definition": {
                    "actions": {
                        "base_blob": {
                            "tier_to_cool": {
                                "days_after_modification_greater_than": 1.0
                            }
                        }
                    },
                    "filters": {
                        "blob_types": [
                            "blockBlob"
                        ]
                    }
                }
            }
        ]
    }
}
Enter fullscreen mode Exit fullscreen mode

References

# Title URL
1 Optimize costs by automatically managing the data lifecycle https://learn.microsoft.com/en-us/azure/storage/blobs/lifecycle-management-overview
2 Azure Samples Repository https://github.com/Azure-Samples
3 Management Policies - Get https://learn.microsoft.com/en-us/rest/api/storagerp/management-policies/get
4 Quickstart: Run your first Resource Graph query using Python https://learn.microsoft.com/en-us/azure/governance/resource-graph/first-query-python

Top comments (0)