Control: Object Storage buckets should have lifecycle policies

Description

Object Storage buckets should have a lifecycle policy associated for data retention.

Usage

Run the control in your terminal:

powerpipe control run oci_thrifty.control.objectstorage_bucket_without_lifecycle_policy

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run oci_thrifty.control.objectstorage_bucket_without_lifecycle_policy --share

Steampipe Tables

oci_identity_compartment

oci_objectstorage_bucket

SQL

select
  a.id as resource,
  case
    when a.object_lifecycle_policy ->> 'items' is null then 'alarm'
    when object_lifecycle_policy -> 'items' @> '[{"isEnabled": true}]' then 'ok'
    else 'alarm'
  end as status,
  case
    when object_lifecycle_policy ->> 'items' is null then a.title || ' has no lifecycle policy.'
    when object_lifecycle_policy -> 'items' @> '[{"isEnabled": true}]' then a.title || ' has lifecycle policy.'
    else a.title || ' has disabled lifecycle policy.'
  end as reason,
  coalesce(c.name, 'root') as compartment,
  a.region
from
  oci_objectstorage_bucket as a
  left join oci_identity_compartment as c on c.id = a.compartment_id;

Control: Object Storage buckets should have lifecycle policies

Description

Usage

Steampipe Tables

SQL

Tags