Blob Storage Immutability - Termination

GermanC 1 Reputation point
2021-06-23T00:45:32.727+00:00

Hello,

Let's assume I configure time based retention immutability policy for a blob container, for 1 year. Now I need to decommission the whole subscription. Would I have to wait until all blobs are over 1 year to delete them? Is there any way to override the policy even if it is locked?

Thanks

Azure Blob Storage
Azure Blob Storage
An Azure service that stores unstructured data in the cloud as blobs.
2,449 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sumarigo-MSFT 43,806 Reputation points Microsoft Employee
    2021-06-23T09:18:54.077+00:00

    @GermanC Welcome to Microsoft Q&A Forum, Thank you for posting your query here!

    Only unlocked time-based retention policies can be removed from a container. Once a time-based retention policy is locked, it cannot be removed; only effective retention period extensions are allowed. Legal hold tags can be deleted. When all legal tags are deleted, the legal hold is removed.

    https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-immutable-storage#how-it-works ? **Basically calling out explicitly that immutability does not protect against subscription deletion ?****

    **- **What happen with the data when you delete the subscription ?

    • What happens with the cost when you delete the subscription ?****

    It’s deleted subject to retention policy, called out here https://learn.microsoft.com/en-us/azure/cost-management-billing/manage/subscription-disabled

    What happens if I try to delete a storage account with a container that has a time-based retention policy or legal hold?

    The storage account deletion will fail if there is at least one container with a legal hold set or a locked time-based policy. A container with an unlocked time-based policy does not protect against storage account deletion. You must remove all legal holds and delete all locked containers before you can delete the storage account. For information on container deletion, see the preceding question. You can also apply further delete protections for your storage account with Azure Resource Manager locks.

    Hope this helps!

    Kindly let us know if the above helps or you need further assistance on this issue.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.