KQL Search

Query Details

HomeAI ToolsDevice Query

Resources Storage Accounts

Query

// Alternatively use here: https://portal.azure.com/#view/HubsExtension/ArgQueryBlade
arg("").Resources
| where type == 'microsoft.storage/storageaccounts'
| extend DynamicProperties = todynamic(properties)
//| evaluate bag_unpack(DynamicProperties, columnsConflict='replace_source') // Could not make this work
| extend
    creationTime = todatetime(DynamicProperties.creationTime),
    allowBlobPublicAccess = tostring(DynamicProperties.allowBlobPublicAccess),
    supportsHttpsTrafficOnly = tostring(DynamicProperties.supportsHttpsTrafficOnly),
    minimumTlsVersion = tostring(DynamicProperties.minimumTlsVersion),
    primaryEndpoints = DynamicProperties.primaryEndpoints,
    privateEndpointConnections = DynamicProperties.privateEndpointConnections,
    publicNetworkAccess = tostring(DynamicProperties.publicNetworkAccess),
    services = DynamicProperties.encryption.services,
    defaultToOAuthAuthentication = tostring(DynamicProperties.defaultToOAuthAuthentication),
    networkAcls = DynamicProperties.networkAcls
| extend
    networkAcls_defaultAction = tostring(networkAcls.defaultAction),
    networkAcls_bypass = tostring(networkAcls.bypass),
    networkAcls_ipRules = networkAcls.ipRules,
    networkAcls_virtualNetworkRules = networkAcls.virtualNetworkRules
// | where allowBlobPublicAccess == "true"
// | where publicNetworkAccess == "Enabled"
// | where defaultToOAuthAuthentication == "false"
// | where networkAcls_defaultAction == "Allow"
| project
    subscriptionId,
    resourceGroup,
    id,
    tags,
    creationTime,
    supportsHttpsTrafficOnly,
    minimumTlsVersion,
    allowBlobPublicAccess,
    publicNetworkAccess,
    defaultToOAuthAuthentication,
    primaryEndpoints,
    privateEndpointConnections,
    services,
    networkAcls_bypass,
    networkAcls_defaultAction,
    networkAcls_ipRules,
    networkAcls_virtualNetworkRules,
    networkAcls,
    properties

Explanation

This query retrieves information about Microsoft storage accounts. It filters the results based on certain criteria and then projects specific properties of the storage accounts.

Details

Jose Sebastián Canós profile picture

Jose Sebastián Canós

Released: September 5, 2023

Tables

Resources

Keywords

Devices,Intune,User

Operators

argResourceswheretypeextendtodynamictodatetimetostringprimaryEndpointsprivateEndpointConnectionsservicesproject

Actions