steampipe plugin install azure

Table: azure_storage_blob_service - Query Azure Storage Blob Services using SQL

Azure Storage Blob Service is a feature within Microsoft Azure that provides scalable, secure, performance-efficient storage for unstructured data. It is optimized for storing massive amounts of unstructured data, such as text or binary data, that can be accessed globally via HTTP or HTTPS. The service includes features to process data and build sophisticated analytics solutions, recover from disaster, and archive data.

Table Usage Guide

The azure_storage_blob_service table provides insights into Azure Storage Blob Services within Microsoft Azure. As a data analyst or storage administrator, explore blob service-specific details through this table, including storage account name, resource group, and associated metadata. Utilize it to uncover information about blob services, such as default service version, change feed enabled status, and delete retention policy details.

Examples

Basic info

Analyze the settings to understand the distribution of your Azure storage blob services across different regions, their associated storage accounts, and their respective pricing tiers. This can help in optimizing resource allocation and cost management.

select
name,
storage_account_name,
region,
sku_name,
sku_tier
from
azure_storage_blob_service;
select
name,
storage_account_name,
region,
sku_name,
sku_tier
from
azure_storage_blob_service;

List of storage blob service where delete retention policy is not enabled

Identify Azure storage blob services that have not enabled the delete retention policy. This query is useful for pinpointing potential areas of risk where deleted data cannot be recovered.

select
name,
storage_account_name,
delete_retention_policy -> 'enabled' as delete_retention_policy_enabled
from
azure_storage_blob_service
where
delete_retention_policy -> 'enabled' = 'false';
select
name,
storage_account_name,
json_extract(delete_retention_policy, '$.enabled') as delete_retention_policy_enabled
from
azure_storage_blob_service
where
json_extract(delete_retention_policy, '$.enabled') = 'false';

List of storage blob service where versioning is not enabled

Explore which Azure storage blob services do not have versioning enabled. This is useful in identifying potential data loss risks due to accidental deletion or overwriting.

select
name,
storage_account_name,
is_versioning_enabled
from
azure_storage_blob_service
where
not is_versioning_enabled;
select
name,
storage_account_name,
is_versioning_enabled
from
azure_storage_blob_service
where
not is_versioning_enabled;

CORS rules info for storage blob service

This query is useful for gaining insights into the Cross-Origin Resource Sharing (CORS) rules set up for Azure's storage blob service. It's a practical tool for understanding what headers and methods are permitted, which headers are exposed, and the maximum age for these settings, thereby aiding in ensuring secure and efficient data transfers.

select
name,
storage_account_name,
cors -> 'allowedHeaders' as allowed_headers,
cors -> 'allowedMethods' as allowed_methods,
cors -> 'allowedMethods' as allowed_methods,
cors -> 'exposedHeaders' as exposed_headers,
cors -> 'maxAgeInSeconds' as max_age_in_seconds
from
azure_storage_blob_service
cross join jsonb_array_elements(cors_rules) as cors;
select
name,
storage_account_name,
json_extract(cors.value, '$.allowedHeaders') as allowed_headers,
json_extract(cors.value, '$.allowedMethods') as allowed_methods,
json_extract(cors.value, '$.allowedMethods') as allowed_methods,
json_extract(cors.value, '$.exposedHeaders') as exposed_headers,
json_extract(cors.value, '$.maxAgeInSeconds') as max_age_in_seconds
from
azure_storage_blob_service,
json_each(cors_rules) as cors;

Schema for azure_storage_blob_service

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
automatic_snapshot_policy_enabledbooleanSpecifies whether automatic snapshot creation is enabled, or not
change_feed_enabledbooleanSpecifies whether change feed event logging is enabled for the Blob service
cloud_environmenttextThe Azure Cloud Environment.
container_delete_retention_policyjsonbThe blob service properties for container soft delete
cors_rulesjsonbA list of CORS rules for a storage account’s Blob service
default_service_versiontextIndicates the default version to use for requests to the Blob service if an incoming request’s version is not specified
delete_retention_policyjsonbThe blob service properties for blob soft delete
idtextContains ID to identify a blob uniquely
is_versioning_enabledbooleanSpecifies whether the versioning is enabled, or not
nametextThe friendly name that identifies the blob
regiontextThe Azure region/location in which the resource is located.
resource_grouptext=The resource group which holds this resource.
restore_policyjsonbThe blob service properties for blob restore policy
sku_nametextThe sku name
sku_tiertextContains the sku tier
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
storage_account_nametext=A unique read-only string that changes whenever the resource is updated
subscription_idtext=, !=, ~~, ~~*, !~~, !~~*The Azure Subscription ID in which the resource is located.
titletextTitle of the resource.
typetextType of the resource

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_storage_blob_service