Query Details

Azure Storage Blob Misconfiguration Check

Query

// Azure Resource Graph
// Azure Storage Blob - Misconfiguration Check
// https://www.linkedin.com/posts/activity-7184079321605529600-Obcd/

resources
// =~ compares case-insensitively, so the match does not depend on how the type string is cased
| where type =~ "Microsoft.Storage/storageAccounts"
| extend allowBlobPublicAccess = parse_json(properties).allowBlobPublicAccess
| project subscriptionId, resourceGroup, name, allowBlobPublicAccess


Explanation

This query checks Azure Storage accounts for a blob misconfiguration: it reports each account's allowBlobPublicAccess setting, so that accounts allowing public access to blobs can be identified. Here's a simple breakdown of what the query does:

  1. Target Resource Type: It focuses on resources of type "Microsoft.Storage/storageAccounts", which are Azure Storage Accounts.
  2. Extract Property: It extracts the allowBlobPublicAccess property from the storage account's properties. This property indicates whether public access to blobs is allowed.
  3. Select Columns: It selects and displays the subscription ID, resource group, storage account name, and the allowBlobPublicAccess setting.

In summary, this query lists all Azure Storage Accounts and shows whether they allow public access to blobs, along with their subscription ID, resource group, and name.
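The query above returns every storage account, including those where the property has never been set. The variant below is an added example, not part of the original query: it keeps only accounts that need review and labels each one. Treating an unset (null) allowBlobPublicAccess as a finding is an assumption of this example, and the publicAccessState column name is hypothetical.

```kusto
// Added example (not from the original page).
// Assumption: an unset allowBlobPublicAccess is reviewed, not treated as safe.
resources
| where type =~ "microsoft.storage/storageaccounts"
| extend allowBlobPublicAccess = properties.allowBlobPublicAccess
// Label each account; publicAccessState is a hypothetical column name
| extend publicAccessState = case(
    isnull(allowBlobPublicAccess), "not set",
    tobool(allowBlobPublicAccess), "allowed",
    "disallowed")
// Keep only accounts where public blob access is allowed or undetermined
| where publicAccessState != "disallowed"
| project subscriptionId, resourceGroup, name, location, publicAccessState
| order by subscriptionId asc, resourceGroup asc, name asc
```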

Details

Steven Lim

Released: August 2, 2024

Tables

resources

Keywords

Resources, StorageAccounts, SubscriptionId, ResourceGroup, Name, AllowBlobPublicAccess

Operators

resources | where == "Microsoft.Storage/storageAccounts" | extend parse_json properties allowBlobPublicAccess | project subscriptionId resourceGroup name allowBlobPublicAccess
