Control: Object Storage buckets should have lifecycle policies

Usage

Run the control in your terminal:

steampipe check oci_thrifty.control.objectstorage_bucket_without_lifecycle_policy

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share oci_thrifty.control.objectstorage_bucket_without_lifecycle_policy

oci_identity_compartment

oci_objectstorage_bucket

SQL

select
  a.id as resource,
  case
    when a.object_lifecycle_policy ->> 'items' is null then 'alarm'
    when object_lifecycle_policy -> 'items' @> '[{"isEnabled": true}]' then 'ok'
    else 'alarm'
  end as status,
  case
    when object_lifecycle_policy ->> 'items' is null then a.title || ' has no lifecycle policy.'
    when object_lifecycle_policy -> 'items' @> '[{"isEnabled": true}]' then a.title || ' has lifecycle policy.'
    else a.title || ' has disabled lifecycle policy.'
  end as reason,
  coalesce(c.name, 'root') as compartment,
  a.region
from
  oci_objectstorage_bucket as a
  left join oci_identity_compartment as c on c.id = a.compartment_id;

Tags