Table: azure_storage_blob_service - Query Azure Storage Blob Services using SQL

Azure Storage Blob Service is a feature within Microsoft Azure that provides scalable, secure, performance-efficient storage for unstructured data. It is optimized for storing massive amounts of unstructured data, such as text or binary data, that can be accessed globally via HTTP or HTTPS. The service includes features to process data and build sophisticated analytics solutions, recover from disaster, and archive data.

Table Usage Guide

The azure_storage_blob_service table provides insights into Azure Storage Blob Services within Microsoft Azure. As a data analyst or storage administrator, explore blob service-specific details through this table, including storage account name, resource group, and associated metadata. Utilize it to uncover information about blob services, such as default service version, change feed enabled status, and delete retention policy details.

Examples

Basic info

Analyze the settings to understand the distribution of your Azure storage blob services across different regions, their associated storage accounts, and their respective pricing tiers. This can help in optimizing resource allocation and cost management.

select
  name,
  storage_account_name,
  region,
  sku_name,
  sku_tier
from
  azure_storage_blob_service;

select
  name,
  storage_account_name,
  region,
  sku_name,
  sku_tier
from
  azure_storage_blob_service;

List of storage blob service where delete retention policy is not enabled

Identify Azure storage blob services that have not enabled the delete retention policy. This query is useful for pinpointing potential areas of risk where deleted data cannot be recovered.

select
  name,
  storage_account_name,
  delete_retention_policy -> 'enabled' as delete_retention_policy_enabled
from
  azure_storage_blob_service
where
  delete_retention_policy -> 'enabled' = 'false';

select
  name,
  storage_account_name,
  json_extract(delete_retention_policy, '$.enabled') as delete_retention_policy_enabled
from
  azure_storage_blob_service
where
  json_extract(delete_retention_policy, '$.enabled') = 'false';

List of storage blob service where versioning is not enabled

Explore which Azure storage blob services do not have versioning enabled. This is useful in identifying potential data loss risks due to accidental deletion or overwriting.

select
  name,
  storage_account_name,
  is_versioning_enabled
from
  azure_storage_blob_service
where
  not is_versioning_enabled;

select
  name,
  storage_account_name,
  is_versioning_enabled
from
  azure_storage_blob_service
where
  not is_versioning_enabled;

CORS rules info for storage blob service

This query is useful for gaining insights into the Cross-Origin Resource Sharing (CORS) rules set up for Azure's storage blob service. It's a practical tool for understanding what headers and methods are permitted, which headers are exposed, and the maximum age for these settings, thereby aiding in ensuring secure and efficient data transfers.

select
  name,
  storage_account_name,
  cors -> 'allowedHeaders' as allowed_headers,
  cors -> 'allowedMethods' as allowed_methods,
  cors -> 'allowedMethods' as allowed_methods,
  cors -> 'exposedHeaders' as exposed_headers,
  cors -> 'maxAgeInSeconds' as max_age_in_seconds
from
  azure_storage_blob_service
  cross join jsonb_array_elements(cors_rules) as cors;

select
  name,
  storage_account_name,
  json_extract(cors.value, '$.allowedHeaders') as allowed_headers,
  json_extract(cors.value, '$.allowedMethods') as allowed_methods,
  json_extract(cors.value, '$.allowedMethods') as allowed_methods,
  json_extract(cors.value, '$.exposedHeaders') as exposed_headers,
  json_extract(cors.value, '$.maxAgeInSeconds') as max_age_in_seconds
from
  azure_storage_blob_service,
  json_each(cors_rules) as cors;

Schema for azure_storage_blob_service

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
akas	jsonb		Array of globally unique identifier strings (also known as) for the resource.
automatic_snapshot_policy_enabled	boolean		Specifies whether automatic snapshot creation is enabled, or not
change_feed_enabled	boolean		Specifies whether change feed event logging is enabled for the Blob service
cloud_environment	text		The Azure Cloud Environment.
container_delete_retention_policy	jsonb		The blob service properties for container soft delete
cors_rules	jsonb		A list of CORS rules for a storage account’s Blob service
default_service_version	text		Indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified
delete_retention_policy	jsonb		The blob service properties for blob soft delete
id	text		Contains ID to identify a blob uniquely
is_versioning_enabled	boolean		Specifies whether the versioning is enabled, or not
name	text		The friendly name that identifies the blob
region	text		The Azure region/location in which the resource is located.
resource_group	text	=	The resource group which holds this resource.
restore_policy	jsonb		The blob service properties for blob restore policy
sku_name	text		The sku name
sku_tier	text		Contains the sku tier
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
storage_account_name	text	=	A unique read-only string that changes whenever the resource is updated
subscription_id	text	=, !=, ~~, ~~, !~~, !~~	The Azure Subscription ID in which the resource is located.
title	text		Title of the resource.
type	text		Type of the resource

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_storage_blob_service