Unable to add new rule in Storage Management Policy on Azure

I am using az cli to add a storage management-policy to delete blobs in a container whose modification time is more than 7 days ago.
This is the policy.json file:

{
  "rules": [
    {
      "name": "expirationRule1",
      "enabled": true,
      "type": "Lifecycle",
      "definition": {
        "filters": {
          "blobTypes": [ "blockBlob" ],
          "prefixMatch": [ "container1" ]
        },
        "actions": {
          "baseBlob": {
            "delete": { "daysAfterModificationGreaterThan": 7 }
          }
        }
      }
    }
  ]
}

I create this lifecycle management policy with the following command:

az storage account management-policy create --account-name <my_acc_name> --policy <policy_file> --resource-group <my_res_group>

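This step succeeded. Now I want to add another policy on a different container. policy.json stays the same, with prefixMatch changed to container2 and name changed to expirationRule2. Now when I apply this new policy with the same command mentioned above, I cannot see the old policy applied, but can only see the new policy.
Here are the steps: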

$ az storage account management-policy create --account-name resacc1 --resource-group resgrp1 --policy /tmp/azure_lifecycle.json

{
  "id": "<some_id_here>",
  "lastModifiedTime": "2021-05-10T10:10:32.261245+00:00",
  "name": "DefaultManagementPolicy",
  "policy": {
    "rules": [
      {
        "definition": {
          "actions": {
            "baseBlob": {
              "delete": {
                "daysAfterLastAccessTimeGreaterThan": null,
                "daysAfterModificationGreaterThan": 7.0
              },
              "enableAutoTierToHotFromCool": null,
              "tierToArchive": null,
              "tierToCool": null
            },
            "snapshot": null,
            "version": null
          },
          "filters": {
            "blobIndexMatch": null,
            "blobTypes": [
              "blockBlob"
            ],
            "prefixMatch": [
              "container1"                                << container1 is prefixMatch
            ]
          }
        },
        "enabled": true,
        "name": "expirationRule1",
        "type": "Lifecycle"
      }
    ]
  },
  "resourceGroup": "resgrp1",
  "type": "Microsoft.Storage/storageAccounts/managementPolicies"
}

Now I add the new policy using container2:

$ az storage account management-policy create --account-name resacc1 --resource-group resgrp1 --policy /tmp/azure_lifecycle.json
{
  "id": "<some_id_here>",
  "lastModifiedTime": "2021-05-10T10:11:54.622184+00:00",
  "name": "DefaultManagementPolicy",
  "policy": {
    "rules": [
      {
        "definition": {
          "actions": {
            "baseBlob": {
              "delete": {
                "daysAfterLastAccessTimeGreaterThan": null,
                "daysAfterModificationGreaterThan": 7.0
              },
              "enableAutoTierToHotFromCool": null,
              "tierToArchive": null,
              "tierToCool": null
            },
            "snapshot": null,
            "version": null
          },
          "filters": {
            "blobIndexMatch": null,
            "blobTypes": [
              "blockBlob"
            ],
            "prefixMatch": [
              "container2"                                    << container2 in prefixMatch
            ]
          }
        },
        "enabled": true,
        "name": "expirationRule2",
        "type": "Lifecycle"
      }
    ]
  },
  "resourceGroup": "resgrp1",
  "type": "Microsoft.Storage/storageAccounts/managementPolicies"
}

Now, after applying the 2 rules, when I run the show command, it only shows one policy applied on the storage account.

$ az storage account management-policy show --account-name resacc1 --resource-group resgrp1
{
  "id": "<some_id_here>",
  "lastModifiedTime": "2021-05-10T10:11:54.622184+00:00",
  "name": "DefaultManagementPolicy",
  "policy": {
    "rules": [
      {
        "definition": {
          "actions": {
            "baseBlob": {
              "delete": {
                "daysAfterLastAccessTimeGreaterThan": null,
                "daysAfterModificationGreaterThan": 7.0
              },
              "enableAutoTierToHotFromCool": null,
              "tierToArchive": null,
              "tierToCool": null
            },
            "snapshot": null,
            "version": null
          },
          "filters": {
            "blobIndexMatch": null,
            "blobTypes": [
              "blockBlob"
            ],
            "prefixMatch": [
              "container2"
            ]
          }
        },
        "enabled": true,
        "name": "expirationRule2",
        "type": "Lifecycle"
      }
    ]
  },
  "resourceGroup": "resgrp1",
  "type": "Microsoft.Storage/storageAccounts/managementPolicies"
}

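Can someone help me understand how to append a new rule to an existing policy, or create a new policy altogether, so that I have both rules applied to the containers in the storage account?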

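Looking at the AZ CLI documentation, the only options available to you are creating a new policy or updating an existing policy (i.e. replacing a policy completely). There is no command available for adding a rule to an existing policy.

The reason you are seeing this behavior is that you are updating the entire policy, which overwrites the previous policy's contents.

What you need to do is modify your policy.json file to include both rules and then update the policy on the storage account. Or you can use az storage account management-policy show, parse the policy JSON, add new rule and then update the policy using az storage account management-policy update.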

Get the existing policy
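
The show, parse, add rule, write back flow described in the answer above, as an added example that is not part of the original answer. The function names are hypothetical, the sample is constructed from the `show` output on this page, and dropping the null fields that `show` prints is an assumption made so the result matches the hand-written policy.json.

```python
import copy
import json

# Constructed sample: trimmed `management-policy show` output from the page.
SHOW_OUTPUT = {"name": "DefaultManagementPolicy", "policy": {"rules": [{
    "definition": {
        "actions": {"baseBlob": {"delete": {
            "daysAfterLastAccessTimeGreaterThan": None,
            "daysAfterModificationGreaterThan": 7.0}, "tierToCool": None},
            "snapshot": None},
        "filters": {"blobIndexMatch": None, "blobTypes": ["blockBlob"],
                    "prefixMatch": ["container1"]}},
    "enabled": True, "name": "expirationRule1", "type": "Lifecycle"}]}}

# The second rule from the question (container2 / expirationRule2).
NEW_RULE = {"name": "expirationRule2", "enabled": True, "type": "Lifecycle",
            "definition": {
                "filters": {"blobTypes": ["blockBlob"],
                            "prefixMatch": ["container2"]},
                "actions": {"baseBlob": {"delete": {
                    "daysAfterModificationGreaterThan": 7}}}}}

def strip_nulls(value):
    """Drop null-valued keys (assumption: `show` prints unset fields as null)."""
    if isinstance(value, dict):
        return {k: strip_nulls(v) for k, v in value.items() if v is not None}
    if isinstance(value, list):
        return [strip_nulls(v) for v in value]
    return value

def merge_rule(show_output, new_rule):
    """Return a full policy document: every live rule plus new_rule.
    A rule with the same name is replaced in place, otherwise appended."""
    rules = strip_nulls(copy.deepcopy(show_output["policy"]["rules"]))
    for i, rule in enumerate(rules):
        if rule["name"] == new_rule["name"]:
            rules[i] = new_rule
            break
    else:
        rules.append(new_rule)
    return {"rules": rules}

def dropped_rules(show_output, policy):
    """Names of rules live on the account that applying `policy` would remove."""
    live = {r["name"] for r in show_output["policy"]["rules"]}
    return sorted(live - {r["name"] for r in policy["rules"]})

if __name__ == "__main__":
    merged = merge_rule(SHOW_OUTPUT, NEW_RULE)
    assert not dropped_rules(SHOW_OUTPUT, merged)  # refuse to lose a rule
    print(json.dumps(merged, indent=2))  # save this as the --policy file
```

Running `dropped_rules` against the file before applying it catches the situation in the question, where a whole-policy write silently removes a deletion rule that was already in force.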