Azure

Azure Storage Lifecycle Management: Complete Guide to Blob Tier Transitions, Snapshot/Version Cleanup & Cost Optimization

2026-05-24
NicheeLab Editorial Team

Azure Storage Lifecycle Management is the framework for managing the entire lifecycle of Azure Storage resources — Blob / Data Lake / Files / Disks. With potential cost savings of millions of yen per year, it is an essential automation for any production workload. This article comprehensively covers the Blob Lifecycle Policy, Snapshot/Version cleanup, Disk Snapshot deletion, and stale Storage Account cleanup.

Storage Lifecycle Overview

TargetFeatureMethod
BlobAutomatic tier transitions and deletionLifecycle Management Policy (Built-in)
Blob VersionAutomatic deletion of old VersionsLifecycle Management Policy
Blob SnapshotAutomatic deletion of old SnapshotsLifecycle Management Policy
Soft Deleted BlobRetention before permanent deletionStorage Account setting
Disk Snapshot / VM ImageCleanup of stale resourcesAzure Automation / Functions
Storage Account / ContainerCleanup of stale resourcesResource Graph + Logic App

Lifecycle Management Policy Structure

A set of Rules defined in JSON.

Policy JSON Example

{
  "rules": [
    {
      "name": "logs-lifecycle",
      "enabled": true,
      "type": "Lifecycle",
      "definition": {
        "filters": {
          "blobTypes": ["blockBlob"],
          "prefixMatch": ["logs/"]
        },
        "actions": {
          "baseBlob": {
            "tierToCool": {
              "daysAfterModificationGreaterThan": 30
            },
            "tierToArchive": {
              "daysAfterModificationGreaterThan": 90
            },
            "delete": {
              "daysAfterModificationGreaterThan": 2555
            }
          },
          "snapshot": {
            "delete": {
              "daysAfterCreationGreaterThan": 30
            }
          },
          "version": {
            "delete": {
              "daysAfterCreationGreaterThan": 90
            }
          }
        }
      }
    }
  ]
}
  • Filter: Narrows down target Blobs (prefix / blob type / Blob Index Tag)
  • Action: Defines what to execute (tierTo* / delete)
  • Maximum 100 Rules per Storage Account

daysAfterModification vs daysAfterLastAccessTime

ItemdaysAfterModificationGreaterThandaysAfterLastAccessTimeGreaterThan
Evaluation criterionLast Modification dateLast Access date
BehaviorStaticDynamic
Extra feature requiredNoneLast Access Tracking must be enabled
Historical data evaluationPossibleOnly from enablement onward
Use caseStandardTrue automatic optimization

Last Access Tracking has no storage cost — enabling it is recommended. It enables true automatic optimization: keep active business data on Hot while automatically moving unused archives to lower-cost tiers.

Versioning and Snapshots

Both consume extra storage, so controlling deletion via Lifecycle is mandatory.

Typical Rules

  • Delete Snapshots after 30 days
  • Delete Versions after 90 days
  • Permanently delete Soft Deleted Blobs after 30 days

Microsoft's Recommended Settings

For Blobs, the recommended combo is 7-day Soft Delete + 30-day Snapshot + 90-day Version retention. Without these settings, Snapshots and Versions can accumulate without limit and trigger runaway costs, so Lifecycle configuration should be treated as mandatory at Storage Account creation time.

Automatic Deletion of Disk Snapshots and VM Images

Disk Snapshots and VM Images are not covered by the Blob Lifecycle Policy and require separate operations.

Automation Patterns

  1. Azure Automation Runbook: Schedule a PowerShell script (Get-AzSnapshot + Remove-AzSnapshot)
  2. Azure Logic Apps: Recurrence Trigger + Azure REST API
  3. Azure Functions: Timer Trigger + Azure SDK
  4. Azure Backup Vault Policy: Automatic snapshot retention management (Azure Backup snapshots only)
  5. DevOps Pipeline: Scheduled IaC-based cleanup

In production, the Azure Automation Runbook offers the most flexibility — tag-based identification (e.g. AutoDelete=true) for deletion targets is the common design.

Cleanup of Stale Storage Accounts and Containers

The Lifecycle Management Policy only operates at the Blob level — deletion of Storage Accounts and Containers themselves is out of scope.

Organization-Level Cleanup Patterns

  1. Tag-based naming conventions (CreatedDate, Owner, Project, AutoDeleteDate)
  2. Azure Resource Graph queries listing Storage Accounts unused for 6+ months
  3. Weekly review and notification of tag-matching Storage Accounts via Azure Automation Runbook
  4. Azure Policy Deny Effect preventing creation of Storage Accounts unused for 6+ months
  5. Detect Storage Accounts with 0 yen/month usage via Cost Management

In production, the modern best practice is to automate reporting with Azure Resource Graph + Logic App, send a deletion proposal email to the owner, and delete after approval.

Standard Lifecycle Rule Sets

Use caseHot periodCoolColdArchiveDelete
Business documents0-30 days30-180 days180-365 days365-2555 days7 years (tax)
Logs0-7 days7-30 days30-365 days1-5 years5 years
Backups-0-30 days30-365 days1-10 years10 years
Video content0-90 days (frequent views)90-365 days1-3 years3+ yearsIndefinite retention
Intermediate data0-7 days---7 days

Operational Caveats

  1. First evaluation takes 24-48 hours after Policy configuration (not immediate)
  2. Deleting from Archive within 180 days triggers an early-deletion fee (also applies to Cool at 30 days and Cold at 90 days)
  3. Lifecycle Policy Filters operate at the Container level (whole-Storage-Account is not a target)
  4. Only BlockBlob is supported (PageBlob / AppendBlob require separate handling)
  5. Last Access Tracking only records Access after enablement — historical data cannot be evaluated
  6. Policy evaluation internally executes List Blob operations, generating transaction costs in environments with many Blobs
  7. Use Audit Logs to verify Policy behavior and investigate unexpected deletions
  8. There is no Report-only simulation mode for configuration changes — always validate in a Dev environment first

Operational Best Practices

  1. Configure a Lifecycle Policy at the same time as Storage Account creation
  2. Enable Last Access Tracking for dynamic optimization
  3. Always configure Snapshot / Version retention (prevent unbounded accumulation)
  4. Use per-use-case Policies for business documents, logs, and backups
  5. Auto-delete Disk Snapshots via Azure Automation
  6. Use Resource Graph + Logic App for organization-level cleanup
  7. Monitor monthly cost trends with Cost Management
  8. Validate in Dev, then apply to Production
  9. Monitor Policy behavior via Audit Logs
  10. Continuous optimization in coordination with the FinOps team

Related Certifications

Frequently Asked Questions

What is Storage Lifecycle Management?

Storage Lifecycle Management is the umbrella term for managing the entire lifecycle of Azure Storage resources — Blob / Data Lake / Files / Disks. This article covers the Blob Lifecycle Management Policy (automatic tier transitions and deletion), Soft Delete, Versioning, snapshot management, and cleanup of stale resources. Common patterns: 1) automatic Blob tier transitions (Hot → Cool → Cold → Archive), 2) automatic deletion of old Blobs (retention policy), 3) automatic deletion of old versions and snapshots, 4) cleanup of old disk snapshots and VM images, 5) unified container policies across the Storage Account. The cost savings can reach millions of yen per year, making this automation essential for production workloads.

What is the basic structure of a Lifecycle Management Policy?

A Lifecycle Management Policy is a set of Rules defined in JSON. Rule structure: 1) name, 2) enabled flag, 3) type: 'Lifecycle', 4) definition: { filters: { blobTypes: ['blockBlob'], prefixMatch: ['container1/logs/'], blobIndexMatch: [...] }, actions: { baseBlob: { tierToCool: { daysAfterModificationGreaterThan: 30 }, tierToArchive: { daysAfterModificationGreaterThan: 90 }, delete: { daysAfterModificationGreaterThan: 365 } }, snapshot: {...}, version: {...} } }. Filters narrow down target Blobs (prefix / blob type / Blob Index Tag), and Actions define what to execute (tierTo* / delete). The limit is 100 Rules per Storage Account. You can edit the JSON directly or use the GUI in the Azure Portal Lifecycle Management blade — combining both is the standard operational approach.

What is the difference between daysAfterModificationGreaterThan and daysAfterLastAccessTimeGreaterThan?

daysAfterModificationGreaterThan evaluates days since the Blob's last Modification (create or write). It is the most common option, the default behavior, and requires no extra features. daysAfterLastAccessTimeGreaterThan evaluates days since the Blob's last Access (Read operation), enabling a more dynamic lifecycle. It requires enabling Last Access Tracking (a single setting at the Storage Account level), only records Access from the point of enablement onward (no historical Access data), and updates on a daily cadence on Read operations (no extra storage cost from frequent updates). A common rule looks like: 'tier to Cool after 90 days since last Access, Archive at 180 days, delete at 365 days.' Last Access Tracking has no storage cost and is recommended. This achieves true automatic optimization — keeping active business data Hot while automatically moving unused archives to lower-cost tiers.

How should the lifecycle of Versions and Snapshots be managed?

Versioning automatically retains older versions whenever a Blob is modified, and is enabled at the Storage Account level. Snapshots are point-in-time copies of a Blob taken manually or via code. Both consume extra storage, so deletion via Lifecycle is mandatory. Typical rules: 1) delete Snapshots after 30 days, 2) delete Versions after 90 days, 3) permanently delete Soft Deleted Blobs after 30 days. The production pattern is to enable both Versioning and Snapshots while using Lifecycle to delete them on schedule for cost control. Microsoft's recommended combo is: 7-day Soft Delete + 30-day Snapshot + 90-day Version retention. Without these settings, Snapshots and Versions can accumulate without limit, causing runaway costs — Lifecycle configuration should be treated as mandatory at Storage Account creation time.

How do you automate deletion of Disk Snapshots and VM Images?

Disk Snapshots and VM Images are not covered by the Blob Lifecycle Policy and require separate operations. Common automation patterns: 1) an Azure Automation Runbook running a scheduled PowerShell script (e.g. Get-AzSnapshot to find snapshots older than 90 days, then Remove-AzSnapshot to delete them), 2) Azure Logic Apps with a Recurrence Trigger calling the Azure REST API, 3) Azure Functions with a Timer Trigger and the Azure SDK, 4) Azure Backup's Vault Policy managing Snapshot retention automatically (only for snapshots taken via Azure Backup), 5) a DevOps Pipeline running periodic IaC-based cleanup. In production, the Azure Automation Runbook offers the most flexibility, typically using tag-based identification (e.g. AutoDelete=true) to mark deletion targets. The cumulative cost of snapshots (thousands to tens of thousands of yen per month) is a classic 'hidden cost' that goes unnoticed — scheduled deletion automation is essential.

How do you clean up old Storage Accounts and Containers?

The Lifecycle Management Policy only operates at the Blob level — Storage Account and Container deletion are out of scope. Organization-level cleanup patterns: 1) tag-based naming conventions (CreatedDate, Owner, Project, AutoDeleteDate) for automatic detection of stale resources, 2) Azure Resource Graph queries to list Storage Accounts unused for 6+ months, 3) weekly review and notification via an Azure Automation Runbook matching tag conditions, 4) Azure Policy with a Deny Effect preventing creation of Storage Accounts that would go unused for 6+ months, 5) Cost Management to detect Storage Accounts with 0 yen/month usage (unused but still incurring costs). The modern best practice in production is to use Azure Resource Graph + Logic App to automate reporting, email the owner with a deletion proposal, and delete after approval. This continuously optimizes organizational resource sprawl.

What are the operational caveats of Lifecycle Management?

Key caveats: 1) after configuring a Policy, the first evaluation takes 24-48 hours (it is not immediate; unexpected behavior must be verified), 2) deleting from Archive before 180 days triggers an early-deletion fee (also applies to Cool at 30 days and Cold at 90 days), 3) Lifecycle Policy Filters operate at the Container level (the entire Storage Account is not a target), 4) only BlockBlob is supported (PageBlob / AppendBlob require separate handling), 5) Last Access Tracking only records Access from the moment it is enabled — past data cannot be evaluated, 6) Policy evaluation internally executes List Blob operations, generating transaction costs in environments with many Blobs, 7) Audit Logs are essential for verifying Policy behavior and investigating unexpected deletions. There is no Report-only mode to simulate behavior, so the safe operational pattern is: always validate in a Dev environment first, then apply to Production.

Which certifications cover this topic?

Lifecycle Management is a major topic in AZ-104 (Administrator) domain 2 (Storage, 15-20%), tested in depth. AZ-305 (Solutions Architect Expert) covers cost-optimization design, DP-700 (Fabric Data Engineer) covers Lifecycle for OneLake / ADLS Gen2, and DP-300 (DBA) covers integration with Backup retention strategy. Azure cost management is a continuous organizational challenge, and understanding Lifecycle Management is an essential skill for cloud cost managers and FinOps engineers.

Related Articles & Technical Deep Dives

Azure Backup 完全ガイド|RSV / Backup Vault・Backup Policy・Immutable Backup・コスト最適化【2026 年版】

Azure Backup の完全ガイド。Recovery Services Vault vs Backup Vault の使い分け、Backup Policy 設計、Azure VM / Files / SQL / Blob Backup の動作、Immutable Backup・Multi-User Authorization によるランサムウェア対策、コスト最適化、関連認定試験 (AZ-104 / AZ-305 / SC-100) を日本語で網羅。

Azure VMSS 完全ガイド|Uniform/Flexible・Auto Scale・Rolling Upgrade・Spot 混在【2026 年版】

Azure Virtual Machine Scale Sets (VMSS) の完全ガイド。Uniform vs Flexible Orchestration mode の使い分け、Auto Scale (Metric/Schedule/Custom)、Custom Image と Azure Compute Gallery、Rolling Upgrade Policy、Spot + Regular 混在パターン、関連認定試験 (AZ-104 / AZ-305 / AZ-400) を日本語で網羅。

Azure Policy 完全ガイド|Effect・Built-in/Custom・Initiative・Remediation・コンプライアンス【2026 年版】

Azure Policy の完全ガイド。Effect 7 種類 (Deny/Audit/Modify/DeployIfNotExists/Append/AuditIfNotExists/Disabled) の使い分け、Built-in vs Custom Policy、Initiative (Policy Set)、Assignment Scope、Remediation、Microsoft Cloud Security Benchmark コンプライアンス活用、関連認定試験 (AZ-104 / SC-100 / AZ-305) を日本語で網羅。

Azure NetApp Files (ANF) 完全ガイド|Service Level・Capacity Pool・SnapMirror・SAP HANA 認定【2026 年版】

Azure NetApp Files (ANF) の完全ガイド。Azure Files Premium との違い、Service Level (Standard/Premium/Ultra) 選定、Capacity Pool と Volume の階層構造、Snapshot・SnapMirror Cross-region Replication、Active Directory 統合、コスト最適化、関連認定試験 (AZ-104 / AZ-305 / AZ-120) を日本語で網羅。

The technical information in this article is based on the Azure Storage Lifecycle Management Documentation. This article is not an official Microsoft Corporation product and has no affiliation or endorsement relationship. Microsoft and Azure are trademarks of the Microsoft group of companies. Information is based on publicly available official materials as of May 24, 2026. Always check the official pages for the latest information.

Check what you learned with practice questions

Practice with certification-focused question sets

View Azure Exam Prep
Author

NicheeLab Editorial Team

NicheeLab editorial team focused on data engineering and cloud certification learning. Content is structured around practical study needs and official exam domains.


Related articles
Azure

AZ-900 Azure Fundamentals: Complete Exam Guide (2026)

Pass AZ-900 — cloud concepts, Azure architecture, management...

Azure

Azure Certification Roadmap: Which Cert to Take Next (2026)

Choose your Azure certification path — Fundamentals, Associa...

Azure

AI-901 Azure AI Fundamentals (Beta): Complete Guide (2026)

Pass AI-901 — Microsoft Foundry, generative AI, responsible ...

Azure

Microsoft Entra ID Fundamentals for Azure Certs (2026)

Entra ID basics every cert candidate needs — tenants, identi...

Azure

DP-900 Azure Data Fundamentals: Complete Guide (2026)

Pass DP-900 — relational, non-relational, analytics, Power B...

Browse all Azure articles (104)
© 2026 NicheeLab All rights reserved.