Share via

Remove Retention Period on Azure Blobs After Deleting Immutable Policy

Nonathon 91 Reputation points
2023-08-11T16:22:31.7666667+00:00

I was testing time-based retention policies on an Azure blob storage container, and have finished my testing and want to deleted the involved resources. I had a time-based retention policy at the container level set for a few months, but have since deleted this policy. When I go to delete the blobs in the container, they still show the retention period set by this policy and prevent the deletion. At no point did I lock the policy.

My assumption was once a blob no longer had an immutable policy applied to it, any retention would also be removed. It appears I may have been wrong, at that the existence of the policy does not impact the retention period of the blobs.

My question, is there a way to remove the retention period on a blob after the policy that applied the retention has been removed? I have created a new immutable retention policy for 1 day hoping it will overwrite the existing value, but I doubt it.

User's image

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
3,141 questions
0 comments
Accepted answer
  1. Sumarigo-MSFT 47,526 Reputation points Microsoft Employee
    2023-08-17T05:15:50.1+00:00

    @Nonathon I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue: Is it possible to remove the retention period from a blob after the policy that initially applied the retention has been deleted? I've established a new immutable retention policy for one day in the hope that it will overwrite the existing value, but I have reservations about its effectiveness.

    Solution: It was discovered that although the retention policy at the container level was removed, the policy still remained at the individual blob level. By clicking on the three dots next to the specific blob and navigating to the access policy section, the policy was successfully deleted. Once the policy for the blob was removed, it became possible to delete both the blob itself and subsequently the entire storage account.

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Nonathon 91 Reputation points
    2023-08-11T20:55:58.0166667+00:00

    I was actually able to figure it. Turns out even though the container level retention policy was deleted, the policy still existed at a per-blob level. I was able to click on the 3 dots next to the block > access policy, then delete the policy. Once the blob-level policy was deleted, I was able to delete the blob and subsequently the storage account.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.