Table: azure_storage_blob - Query Azure Storage Blobs using SQL

Azure Storage Blobs are objects in Azure Storage which can hold large amounts of text or binary data, ranging from hundreds of gigabytes to a petabyte. They are ideal for storing documents, videos, pictures, backups, and other unstructured text or binary data. Azure Storage Blobs are part of the Azure Storage service, which provides scalable, durable, and highly available storage for data.

Table Usage Guide

The azure_storage_blob table provides insights into the blobs within Azure Storage. As a data analyst or a data engineer, you can explore blob-specific details through this table, including blob properties, blob metadata, and blob service properties. Utilize it to uncover information about blobs, such as those with public access, the types of blobs, and the verification of service properties.

Examples

Basic info

Explore which storage blobs within a specific resource group, storage account, and region in Azure. This is particularly useful to gain insights into your Azure storage configuration and identify instances where snapshots are being used.

select
  name,
  container_name,
  storage_account_name,
  region,
  type,
  is_snapshot
from
  azure_storage_blob
where
  resource_group = 'turbot'
  and storage_account_name = 'mystorageaccount'
  and region = 'eastus';

select
  name,
  container_name,
  storage_account_name,
  region,
  type,
  is_snapshot
from
  azure_storage_blob
where
  resource_group = 'turbot'
  and storage_account_name = 'mystorageaccount'
  and region = 'eastus';

List snapshot type blobs with import data

Explore the snapshot type blobs that have imported data in a specific Azure storage account and resource group. This can be useful for auditing purposes, such as ensuring that sensitive data is properly encrypted and stored in the correct region.

select
  name,
  type,
  access_tier,
  server_encrypted,
  metadata,
  creation_time,
  container_name,
  storage_account_name,
  resource_group,
  region
from
  azure_storage_blob
where
  resource_group = 'turbot'
  and storage_account_name = 'mystorageaccount'
  and region = 'eastus'
  and is_snapshot;

select
  name,
  type,
  access_tier,
  server_encrypted,
  metadata,
  creation_time,
  container_name,
  storage_account_name,
  resource_group,
  region
from
  azure_storage_blob
where
  resource_group = 'turbot'
  and storage_account_name = 'mystorageaccount'
  and region = 'eastus'
  and is_snapshot = 1;

Schema for azure_storage_blob

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
access_tier	text		The tier of the blob.
access_tier_change_time	timestamp with time zone		Species the time, when the access tier has been updated.
access_tier_inferred	boolean		Indicates whether the access tier was inferred by the service.
akas	jsonb		Array of globally unique identifier strings (also known as) for the resource.
archive_status	text		Specifies the archive status of the blob.
blob_sequence_number	bigint		Specifies the sequence number for page blob used for coordinating concurrent writes.
blob_tag_set	jsonb		A list of blob tags.
cache_control	text		Indicates the cache control specified for the blob.
cloud_environment	text		The Azure Cloud Environment.
container_name	text		The friendly name that identifies the container, in which the blob has been uploaded.
content_disposition	text		Specifies additional information about how to process the response payload, and also can be used to attach additional metadata.
content_encoding	text		Indicates content encoding specified for the blob.
content_language	text		Indicates content language specified for the blob.
content_length	bigint		Specifies the size of the content returned.
content_md5	jsonb		If the content_md5 has been set for the blob, this response header is stored so that the client can check for message content integrity.
content_type	text		Specifies the content type specified for the blob. If no content type was specified, the default content type is application/octet-stream.
copy_completion_time	timestamp with time zone		Conclusion time of the last attempted Copy Blob operation where this blob was the destination blob.
copy_id	text		A String identifier for the last attempted Copy Blob operation where this blob was the destination blob.
copy_progress	text		Contains the number of bytes copied and the total bytes in the source in the last attempted Copy Blob operation where this blob was the destination blob.
copy_source	text		An URL up to 2 KB in length that specifies the source blob used in the last attempted Copy Blob operation where this blob was the destination blob.
copy_status	text		Specifies the state of the copy operation identified by Copy ID.
copy_status_description	text		Describes cause of fatal or non-fatal copy operation failure.
creation_time	timestamp with time zone		Indicates the time, when the blob was uploaded.
deleted	boolean		Specifies whether the blob was deleted, or not.
deleted_time	timestamp with time zone		Specifies the deletion time of blob container.
destination_snapshot	text		Included if the blob is incremental copy blob or incremental copy snapshot, if x-ms-copy-status is success. Snapshot time of the last successful incremental copy snapshot for this blob.
encryption_key_sha256	text		The SHA-256 hash of the provided encryption key.
encryption_scope	text		The name of the encryption scope under which the blob is encrypted.
etag	text		An unique read-only string that changes whenever the resource is updated.
incremental_copy	boolean		Copies the snapshot of the source page blob to a destination page blob. The snapshot is copied such that only the differential changes between the previously copied snapshot are transferred to the destination.
is_current_version	boolean		Specifies whether the blob container was deleted, or not.
is_sealed	boolean		Indicate if the append blob is sealed or not.
is_snapshot	boolean		Specifies whether the resource is snapshot of a blob, or not.
last_modified	timestamp with time zone		Specifies the date and time the container was last modified.
lease_duration	text		Specifies whether the lease is of infinite or fixed duration, when a blob is leased.
lease_state	text		Specifies lease state of the blob.
lease_status	text		Specifies the lease status of the blob.
metadata	jsonb		A name-value pair to associate with the container as metadata.
name	text		The friendly name that identifies the blob.
region	text		The Azure region/location in which the resource is located.
remaining_retention_days	bigint		The number of days that the blob will be retained before being permanently deleted by the service.
resource_group	text	=	The resource group which holds this resource.
server_encrypted	boolean		Indicates whether the blob is encrypted on the server, or not.
snapshot	text		Specifies the time, when the snapshot is taken.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
storage_account_name	text	=	The friendly name that identifies the storage account, in which the blob is located.
subscription_id	text	=, !=, ~~, ~~, !~~, !~~	The Azure Subscription ID in which the resource is located.
title	text		Title of the resource.
type	text		Specifies the type of the blob.
version_id	text		Specifies the version id.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_storage_blob