[RULE] AZ-STOR-003: Storage account without lifecycle management policy #6

@Vishnu2707

What to build

A scan rule that detects Azure storage accounts with no lifecycle
management policy configured. Without this, old data accumulates
indefinitely and increases attack surface.

Rule details

  • Rule ID: AZ-STOR-003
  • Severity: MEDIUM
  • Category: Storage
  • Frameworks: CIS 3.x, NIST SC-28, ISO 27001 A.8.3.1

Files to create

  • scanner/rules/az_stor_003.py — follow template in CONTRIBUTING.md
  • playbooks/cli/fix_az_stor_003.sh — Azure CLI remediation script

How to get started

  1. Read CONTRIBUTING.md — the rule template is there
  2. Fork the repo, create branch feat/az-stor-003
  3. Write the rule and playbook
  4. Open a PR to dev

Acceptance Criteria

  • Rule follows template exactly
  • Returns correct findings JSON
  • Playbook script tested
  • Framework mappings included

Good first issue?

Yes — this is self-contained, well-scoped, and fully documented.
Perfect if this is your first open source contribution.
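
A sketch of the detection logic such a rule needs, added here as an example; it is not the project's code and does not follow the CONTRIBUTING.md template, which is not shown on this page. The finding fields, function names and sample accounts are assumptions. It goes one step beyond the issue text by also flagging a policy that exists but has no enabled rule.

```python
RULE_ID = "AZ-STOR-003"
FRAMEWORKS = ["CIS 3.x", "NIST SC-28", "ISO 27001 A.8.3.1"]

# Constructed sample input: account name plus its management policy document,
# or None when the account has no policy at all.
SAMPLE_ACCOUNTS = [
    {"name": "stlogsprod", "management_policy": None},
    {"name": "stbackups", "management_policy": {"policy": {"rules": [
        {"name": "expire-old", "type": "Lifecycle", "enabled": False,
         "definition": {"actions": {"baseBlob": {"delete": {
             "daysAfterModificationGreaterThan": 365}}}}}]}}},
    {"name": "stmedia", "management_policy": {"properties": {"policy": {"rules": [
        {"name": "tier-cool", "type": "Lifecycle",
         "definition": {"actions": {"baseBlob": {"tierToCool": {
             "daysAfterModificationGreaterThan": 30}}}}}]}}}},
]


def enabled_lifecycle_rules(policy):
    """Return the names of enabled Lifecycle rules in a policy document."""
    if not policy:
        return []
    # Accept both the nested ARM shape (properties.policy) and the
    # flattened shape (policy) used in the samples above.
    body = policy.get("properties", policy).get("policy") or {}
    return [
        rule.get("name", "<unnamed>")
        for rule in body.get("rules") or []
        # "enabled" is optional in the policy schema and defaults to true.
        if rule.get("type") == "Lifecycle" and rule.get("enabled", True)
    ]


def evaluate(accounts):
    """Return one finding per account that has no effective lifecycle policy."""
    findings = []
    for acct in accounts:
        policy = acct.get("management_policy")
        if enabled_lifecycle_rules(policy):
            continue
        reason = ("no lifecycle management policy configured" if not policy
                  else "lifecycle policy present but has no enabled rules")
        # Hypothetical finding shape; the real one comes from the template.
        findings.append({"rule_id": RULE_ID, "severity": "MEDIUM",
                         "category": "Storage", "resource": acct["name"],
                         "reason": reason, "frameworks": FRAMEWORKS})
    return findings
```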

Labels

  • good first issue: Perfect for first time contributors
  • new-rule: Adding a new misconfiguration scan rule

Status

✅ Done
