How to figure which resource in Azure is using a certain storage account? I know the storage account and want to which resource is using the said storage account.

Akshay Pote 20 Reputation points
2024-04-24T14:16:38.78+00:00

I'm trying to clean my environments inside Azure and came across an issue. I can't figure out how to confirm if the storage account and the containers inside are being utilized or not and if yes then by what resource.

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
2,715 questions
Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
6,913 questions
0 comments
Accepted answer
  1. Amrinder Singh 2,195 Reputation points Microsoft Employee
    2024-04-24T14:30:12.3466667+00:00

    Hi Akshay Pote - Thanks for reaching out over Q&A Forum

    In order to review if the storage account is in use or not, you can start by checking if the transactions are happening on the storage account or not. If there are multiple accounts then I understand it might take some time.

    You can start by leveraging Azure Monitor -> Storage Account and the transaction metrics shall give high level insights to transaction happening on the account.

    Alternatively, you can leverage below script that is based on similar concept and help identifying idle accounts.

    https://github.com/Azure-Developer-Support/CodeRepository/blob/master/Storage/Powershell/Finding_Idle_StorageAccounts_In_Subscription.ps1

    For the second ask of who is using the account, for that, you can start by enabling the diagnostic logging. Based on the fields such as Client IP, User Agent Header etc, it might give some hint to client making the operation and you can then work with your teams for further identification ahead.

    https://learn.microsoft.com/en-us/azure/storage/blobs/monitor-blob-storage?tabs=azure-portal

    https://learn.microsoft.com/en-us/azure/storage/blobs/blob-storage-monitoring-scenarios

    Please let us know if you have any further queries. I’m happy to assist you further.    

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anand Prakash Yadav 6,085 Reputation points Microsoft Vendor
    2024-04-25T10:02:24.2833333+00:00

    Hello Akshay Pote,

    Thank you for posting your query here!

    There are a few ways to determine which resources are using a specific Azure Storage Account:

    · Azure Storage Explorer: This tool allows you to view all the storage account information. You can download it into your local environment and then sign into your Azure account.

    · Azure Resource Graph Queries: You can use the Azure Resource Graph to run queries that return information about your storage accounts. Here is an example query you can use in the Resource Graph Explorer:

    resources
| where type == "Microsoft.Storage/storageAccounts"
| project StorageAccountName = name, ResourceId = id
| join kind=inner (
    ResourceContainers
    | project ResourceId, ResourceName, ResourceType
) on $left.ResourceId == $right.ResourceId
| project StorageAccountName, ResourceGroup

    To display the Azure Resource Manager resource ID for a storage account in the Azure portal, navigate to your storage account. On the Overview page, in the Essentials section, select the JSON View link. https://learn.microsoft.com/en-us/azure/storage/common/storage-account-get-info?tabs=portal#get-the-resource-id-for-a-storage-account

    This query will return the name of the storage account and the resource group for each resource that is using the storage account.

    · Service Endpoints: You can check the service endpoints under the settings of each storage account to know the linked specific blob/file/queue services.

    Further details: https://stackoverflow.com/questions/77239038/how-to-find-out-which-of-the-resources-are-linked-to-a-storage-account

    · Also, you can click on the Diagnostics settings of the storage account you are looking for to monitor for connections. https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/how-to-determine-what-devices-are-connecting-to-a-storage/ba-p/3635063

    To check for idle storage accounts in Azure you may check Transactions, Ingress, Egress, Requests, etc. You could use that to determine if there is activity in your storage account.

    Further details; https://learn.microsoft.com/en-us/answers/questions/1074558/how-to-find-idle-azure-resources-or-unused-azure-r

    Similar post for reference: https://stackoverflow.com/questions/76125553/how-can-i-get-all-resources-using-a-storage-account-in-azure-using-powershell

    Please let me know if this helpful or if you any further queries, will be glad to assist.

    Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    0 comments