Implemented automated storage tiering for our ERP backup system that reduced Azure storage costs by 64% annually while maintaining compliance requirements. The solution uses Azure Policy for enforcement, Azure Monitor for tracking, and Blob lifecycle management for automated tiering.
Our SAP backups were consuming 180TB in hot storage tier costing $3,600/month. Compliance requires 7-year retention, but we only need immediate access to backups from the last 90 days. Manual tiering was inconsistent and error-prone. We needed policy-based enforcement that automatically moves backups through storage tiers based on age, with comprehensive cost reporting to demonstrate savings.
The implementation combines custom Azure Policy definitions that enforce lifecycle management rules on all backup storage accounts, Azure Monitor workbooks for cost visibility across tiers, and automated compliance reporting that proves we’re meeting retention requirements while optimizing costs.
How are you tracking cost savings? We need to justify similar investments to finance team. Do you have before/after metrics and ongoing cost monitoring dashboards?
Built custom Azure Workbook that queries Cost Management API and storage account metrics. Dashboard shows cost per tier, data distribution across tiers, and projected annual savings. We baseline costs from three months pre-implementation and track monthly. Current metrics: 12TB hot ($240/month), 45TB cool ($450/month), 123TB archive ($123/month), total $813/month versus previous $3,600/month. The workbook also tracks lifecycle rule execution success rates and any policy compliance violations.
We implemented three-tier lifecycle: Hot tier for 0-90 days (immediate access), Cool tier for 91-365 days (accessible within minutes), Archive tier for 366+ days (15-hour rehydration). RTO for archive backups is 24 hours which meets our compliance requirements since recent backups handle disaster recovery. The lifecycle rules run daily at midnight UTC, checking blob last-modified timestamps. Critical point: we set up separate storage accounts for different backup types so lifecycle policies don’t accidentally tier active data.
Complete implementation details covering all three optimization pillars:
Automated Storage Tiering Configuration
We created blob lifecycle management policies with age-based transition rules applied to all storage accounts tagged with “purpose:backup”. The policy JSON defines three transition actions: move to cool storage after 90 days, move to archive after 365 days, and delete after 2,555 days (7 years retention). Transition rules use the last-modified timestamp as the reference point. For SAP backups specifically, we organized data by year in blob containers, allowing granular policy application. The lifecycle engine runs daily, evaluating approximately 180TB across 847,000 blobs. Critical design decision: we implemented separate policies for full backups versus incremental backups, keeping incrementals in hot tier for 30 days instead of 90 since they’re rarely accessed independently.
Policy-Based Enforcement Architecture
Deployed custom Azure Policy definition at subscription scope that audits storage accounts for lifecycle management configuration. The policy evaluates two conditions: 1) Storage account has tag “purpose:backup”, and 2) Lifecycle management rules exist matching our standard template. Non-compliant accounts trigger automatic remediation task that applies the lifecycle policy. The policy definition uses deployIfNotExists effect, automatically configuring lifecycle rules on newly created backup storage accounts within 15 minutes. For exceptions, we use exclusion tags - storage accounts tagged “lifecycle:manual” are exempted from automatic policy application. Policy compliance dashboard in Azure Portal shows 100% compliance across 23 backup storage accounts. We also implemented a second policy that prevents deletion of lifecycle management rules on backup storage accounts, protecting against accidental configuration changes.
Cost Reporting and Validation
Built comprehensive Azure Workbook querying Cost Management API with filters for storage resource type and backup tags. The workbook displays cost trends over 12-month rolling window, tier distribution percentages, and cost-per-GB metrics for each tier. Automated monthly reports generate via Azure Function that queries the Cost Management API, calculates savings versus baseline, and publishes to SharePoint with executive summary. Current distribution after 6 months: 6.7% hot tier (12TB), 25% cool tier (45TB), 68.3% archive tier (123TB). Monthly cost breakdown: hot $240, cool $450, archive $123, total $813 versus baseline $3,600 monthly. The workbook also includes compliance validation showing 100% of backups retained for required 7-year period, with automated alerts if any backups are deleted prematurely. Additional monitoring tracks lifecycle rule execution success rates and rehydration metrics when archive backups are restored.
Implementation timeline was 6 weeks including testing and validation. Key success factors: thorough tagging strategy, comprehensive testing of restore procedures from each tier, and stakeholder education on archive rehydration times.