azure_ad_groupazure_ad_service_principalazure_ad_userazure_alert_managementazure_api_managementazure_api_management_backendazure_app_configurationazure_app_service_environmentazure_app_service_function_appazure_app_service_planazure_app_service_web_appazure_app_service_web_app_slotazure_application_gatewayazure_application_insightazure_application_security_groupazure_automation_accountazure_automation_variableazure_bastion_hostazure_batch_accountazure_cognitive_accountazure_compute_availability_setazure_compute_diskazure_compute_disk_accessazure_compute_disk_encryption_setazure_compute_disk_metric_read_opsazure_compute_disk_metric_read_ops_dailyazure_compute_disk_metric_read_ops_hourlyazure_compute_disk_metric_write_opsazure_compute_disk_metric_write_ops_dailyazure_compute_disk_metric_write_ops_hourlyazure_compute_imageazure_compute_resource_skuazure_compute_snapshotazure_compute_ssh_keyazure_compute_virtual_machineazure_compute_virtual_machine_metric_available_memoryazure_compute_virtual_machine_metric_available_memory_dailyazure_compute_virtual_machine_metric_available_memory_hourlyazure_compute_virtual_machine_metric_cpu_utilizationazure_compute_virtual_machine_metric_cpu_utilization_dailyazure_compute_virtual_machine_metric_cpu_utilization_hourlyazure_compute_virtual_machine_scale_setazure_compute_virtual_machine_scale_set_network_interfaceazure_compute_virtual_machine_scale_set_vmazure_consumption_usageazure_container_groupazure_container_registryazure_cosmosdb_accountazure_cosmosdb_mongo_collectionazure_cosmosdb_mongo_databaseazure_cosmosdb_restorable_database_accountazure_cosmosdb_sql_databaseazure_data_factoryazure_data_factory_datasetazure_data_factory_pipelineazure_data_lake_analytics_accountazure_data_lake_storeazure_databox_edge_deviceazure_databricks_workspaceazure_diagnostic_settingazure_dns_zoneazure_eventgrid_domainazure_eventgrid_topicazure_eventhub_namespaceazure_express_route_circuitazure_firewallazure_firewall_policyazure_frontdoorazure_hdinsight_clusterazure_healthcare_serviceazure_hpc_cacheazure_hybrid_compute_machineazure_hybrid_kubernetes_connected_clusterazure_iothubazure_iothub_dpsazure_key_vaultazure_key_vault_deleted_vaultazure_key_vault_keyazure_key_vault_key_versionazure_key_vault_managed_hardware_security_moduleazure_key_vault_secretazure_kubernetes_clusterazure_kubernetes_service_versionazure_kusto_clusterazure_lbazure_lb_backend_address_poolazure_lb_nat_ruleazure_lb_outbound_ruleazure_lb_probeazure_lb_ruleazure_locationazure_log_alertazure_log_profileazure_logic_app_workflowazure_machine_learning_workspaceazure_maintenance_configurationazure_management_groupazure_management_lockazure_mariadb_serverazure_monitor_activity_log_eventazure_monitor_log_profileazure_mssql_elasticpoolazure_mssql_managed_instanceazure_mssql_virtual_machineazure_mysql_flexible_serverazure_mysql_serverazure_nat_gatewayazure_network_interfaceazure_network_security_groupazure_network_watcherazure_network_watcher_flow_logazure_policy_assignmentazure_policy_definitionazure_postgresql_flexible_serverazure_postgresql_serverazure_private_dns_zoneazure_providerazure_public_ipazure_recovery_services_backup_jobazure_recovery_services_vaultazure_redis_cacheazure_resource_groupazure_resource_linkazure_role_assignmentazure_role_definitionazure_route_tableazure_search_serviceazure_security_center_auto_provisioningazure_security_center_automationazure_security_center_contactazure_security_center_jit_network_access_policyazure_security_center_settingazure_security_center_sub_assessmentazure_security_center_subscription_pricingazure_service_fabric_clusterazure_servicebus_namespaceazure_signalr_serviceazure_spring_cloud_serviceazure_sql_databaseazure_sql_serverazure_storage_accountazure_storage_blobazure_storage_blob_serviceazure_storage_containerazure_storage_queueazure_storage_share_fileazure_storage_syncazure_storage_tableazure_storage_table_serviceazure_stream_analytics_jobazure_subnetazure_subscriptionazure_synapse_workspaceazure_tenantazure_virtual_networkazure_virtual_network_gateway
Table: azure_storage_blob - Query Azure Storage Blobs using SQL
Azure Storage Blobs are objects in Azure Storage which can hold large amounts of text or binary data, ranging from hundreds of gigabytes to a petabyte. They are ideal for storing documents, videos, pictures, backups, and other unstructured text or binary data. Azure Storage Blobs are part of the Azure Storage service, which provides scalable, durable, and highly available storage for data.
Table Usage Guide
The azure_storage_blob table provides insights into the blobs within Azure Storage. As a data analyst or a data engineer, you can explore blob-specific details through this table, including blob properties, blob metadata, and blob service properties. Utilize it to uncover information about blobs, such as those with public access, the types of blobs, and the verification of service properties.
Examples
Basic info
Explore which storage blobs within a specific resource group, storage account, and region in Azure. This is particularly useful to gain insights into your Azure storage configuration and identify instances where snapshots are being used.
select name, container_name, storage_account_name, region, type, is_snapshotfrom azure_storage_blobwhere resource_group = 'turbot' and storage_account_name = 'mystorageaccount' and region = 'eastus';select name, container_name, storage_account_name, region, type, is_snapshotfrom azure_storage_blobwhere resource_group = 'turbot' and storage_account_name = 'mystorageaccount' and region = 'eastus';List snapshot type blobs with import data
Explore the snapshot type blobs that have imported data in a specific Azure storage account and resource group. This can be useful for auditing purposes, such as ensuring that sensitive data is properly encrypted and stored in the correct region.
select name, type, access_tier, server_encrypted, metadata, creation_time, container_name, storage_account_name, resource_group, regionfrom azure_storage_blobwhere resource_group = 'turbot' and storage_account_name = 'mystorageaccount' and region = 'eastus' and is_snapshot;select name, type, access_tier, server_encrypted, metadata, creation_time, container_name, storage_account_name, resource_group, regionfrom azure_storage_blobwhere resource_group = 'turbot' and storage_account_name = 'mystorageaccount' and region = 'eastus' and is_snapshot = 1;Schema for azure_storage_blob
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| access_tier | text | The tier of the blob. | |
| access_tier_change_time | timestamp with time zone | Species the time, when the access tier has been updated. | |
| access_tier_inferred | boolean | Indicates whether the access tier was inferred by the service. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| archive_status | text | Specifies the archive status of the blob. | |
| blob_sequence_number | bigint | Specifies the sequence number for page blob used for coordinating concurrent writes. | |
| blob_tag_set | jsonb | A list of blob tags. | |
| cache_control | text | Indicates the cache control specified for the blob. | |
| cloud_environment | text | The Azure Cloud Environment. | |
| container_name | text | The friendly name that identifies the container, in which the blob has been uploaded. | |
| content_disposition | text | Specifies additional information about how to process the response payload, and also can be used to attach additional metadata. | |
| content_encoding | text | Indicates content encoding specified for the blob. | |
| content_language | text | Indicates content language specified for the blob. | |
| content_length | bigint | Specifies the size of the content returned. | |
| content_md5 | jsonb | If the content_md5 has been set for the blob, this response header is stored so that the client can check for message content integrity. | |
| content_type | text | Specifies the content type specified for the blob. If no content type was specified, the default content type is application/octet-stream. | |
| copy_completion_time | timestamp with time zone | Conclusion time of the last attempted Copy Blob operation where this blob was the destination blob. | |
| copy_id | text | A String identifier for the last attempted Copy Blob operation where this blob was the destination blob. | |
| copy_progress | text | Contains the number of bytes copied and the total bytes in the source in the last attempted Copy Blob operation where this blob was the destination blob. | |
| copy_source | text | An URL up to 2 KB in length that specifies the source blob used in the last attempted Copy Blob operation where this blob was the destination blob. | |
| copy_status | text | Specifies the state of the copy operation identified by Copy ID. | |
| copy_status_description | text | Describes cause of fatal or non-fatal copy operation failure. | |
| creation_time | timestamp with time zone | Indicates the time, when the blob was uploaded. | |
| deleted | boolean | Specifies whether the blob was deleted, or not. | |
| deleted_time | timestamp with time zone | Specifies the deletion time of blob container. | |
| destination_snapshot | text | Included if the blob is incremental copy blob or incremental copy snapshot, if x-ms-copy-status is success. Snapshot time of the last successful incremental copy snapshot for this blob. | |
| encryption_key_sha256 | text | The SHA-256 hash of the provided encryption key. | |
| encryption_scope | text | The name of the encryption scope under which the blob is encrypted. | |
| etag | text | An unique read-only string that changes whenever the resource is updated. | |
| incremental_copy | boolean | Copies the snapshot of the source page blob to a destination page blob. The snapshot is copied such that only the differential changes between the previously copied snapshot are transferred to the destination. | |
| is_current_version | boolean | Specifies whether the blob container was deleted, or not. | |
| is_sealed | boolean | Indicate if the append blob is sealed or not. | |
| is_snapshot | boolean | Specifies whether the resource is snapshot of a blob, or not. | |
| last_modified | timestamp with time zone | Specifies the date and time the container was last modified. | |
| lease_duration | text | Specifies whether the lease is of infinite or fixed duration, when a blob is leased. | |
| lease_state | text | Specifies lease state of the blob. | |
| lease_status | text | Specifies the lease status of the blob. | |
| metadata | jsonb | A name-value pair to associate with the container as metadata. | |
| name | text | The friendly name that identifies the blob. | |
| region | text | The Azure region/location in which the resource is located. | |
| remaining_retention_days | bigint | The number of days that the blob will be retained before being permanently deleted by the service. | |
| resource_group | text | = | The resource group which holds this resource. |
| server_encrypted | boolean | Indicates whether the blob is encrypted on the server, or not. | |
| snapshot | text | Specifies the time, when the snapshot is taken. | |
| storage_account_name | text | = | The friendly name that identifies the storage account, in which the blob is located. |
| subscription_id | text | The Azure Subscription ID in which the resource is located. | |
| title | text | Title of the resource. | |
| type | text | Specifies the type of the blob. | |
| version_id | text | Specifies the version id. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azureYou can pass the configuration to the command with the --config argument:
steampipe_export_azure --config '<your_config>' azure_storage_blob