Azure Storage Security and Utilization Audit Tool
This tool is designed to operate in a read-only capacity. It performs discovery and reporting by querying the Azure Resource Manager (control-plane) and Storage data-plane APIs without modifying any resources, configurations, or data.
All operations are limited to enumerating and retrieving existing information for auditing and analysis.
The tool aggregates control-plane and data-plane information to give a unified view of storage resources, identity-based access (RBAC role assignments), stored data objects, and storage consumption patterns.
It outputs structured CSV datasets for security analysis, compliance validation, and cost optimization.
How to Use the Tool
1. Execution Steps
To run the Azure Storage Security and Utilization Audit Tool:
Open Azure Portal
Launch Azure Cloud Shell
Select PowerShell Environment
Copy the full script content between SCRIPT START and SCRIPT END
Paste the Script into the Cloud Shell Window
Press Enter to execute
The tool will begin enumerating Azure Storage resources across every subscription the signed-in identity can read.
2. Required Permissions
The tool requires read-level access to the audited Azure resources in order to produce accurate and complete results.
Minimum recommended permissions:
Reader role at subscription or resource group scope (discovers storage accounts, file shares and, through Microsoft.Authorization/*/read, role assignments)
Storage Blob Data Reader role for blob-level visibility (a data-plane role; Reader alone does not permit listing blobs with the signed-in identity)
Read access to Microsoft.Authorization/roleAssignments for RBAC enumeration (already included in Reader; only relevant if a custom role is used instead)
If sufficient permissions are not granted, the run continues but the output degrades:
Some resources may not be discovered (no Reader at that scope)
RBAC data may be incomplete or missing (no Microsoft.Authorization read access at that scope)
Blob inventory may not return results (no Storage Blob Data Reader on the account, or the account's network rules block requests from Cloud Shell)
Note that if the script builds its data-plane context from account keys rather than from the signed-in identity, Reader is not sufficient: listing keys (Microsoft.Storage/storageAccounts/listKeys/action) is not part of the Reader role.
3. Output Location
Upon completion, the tool generates multiple CSV files in the Cloud Shell working directory. The files list resource names, principal identities and blob paths; treat them as sensitive and delete them from Cloud Shell storage once downloaded.
To view files:
ls *.csv
To download:
Use the Cloud Shell File Browser
Select the Generated CSV Files
Download to Local System
4. Expected Runtime Behavior
During execution, the tool will:
Iterate through all subscriptions the signed-in identity can read
Process each storage account
Enumerate storage objects and role assignments
Display progress messages in the console
Execution time varies with:
Number of subscriptions
Number of storage accounts
Volume of blob data (blob listing is paged at most 5,000 blobs per request, so containers holding millions of blobs dominate the runtime)
5. Important Notes
The tool operates in read-only mode and does not modify any resources
Execution may generate a high volume of read API calls; in large tenants expect Azure Resource Manager and storage-service throttling (HTTP 429), which slows the run but does not change its results
Large environments may take significant time to complete
Results reflect a point-in-time snapshot of the environment, not continuous monitoring
6. Recommended Best Practice
For consistent auditing:
Run the tool on a scheduled basis
Store CSV outputs with timestamps
Compare results over time to detect changes, in particular new role assignments, new containers or shares, and blobs moved between tiers
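The comparison step above is the part most people skip. The following PowerShell is an added example, not part of the tool, showing how to diff two timestamped RBAC.csv snapshots and flag role assignments that appeared or disappeared between runs. The column names (StorageAccount, Principal, PrincipalType, Role, Scope) are an assumed layout for RBAC.csv, the two snapshots below are constructed sample rows, and the list of privileged roles is the author's own selection of built-in roles that grant write, delete or key access.

```powershell
# Added example (not the tool's own code): diff two timestamped RBAC.csv snapshots and
# report role assignments that appeared or disappeared between audit runs.
# The column layout is assumed; the rows are constructed sample data. In practice load the
# two files with Import-Csv instead of the here-strings below.
$scope = '/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/rg-prod' +
         '/providers/Microsoft.Storage/storageAccounts/stprodlogs'

$previous = @"
StorageAccount,Principal,PrincipalType,Role,Scope
stprodlogs,alice@contoso.com,User,Reader,$scope
stprodlogs,backup-sp,ServicePrincipal,Storage Blob Data Reader,$scope
"@ | ConvertFrom-Csv

$current = @"
StorageAccount,Principal,PrincipalType,Role,Scope
stprodlogs,alice@contoso.com,User,Reader,$scope
stprodlogs,ci-runner-sp,ServicePrincipal,Storage Blob Data Contributor,$scope
"@ | ConvertFrom-Csv

# Built-in roles that grant write, delete or key access on a storage account (author's selection);
# a new assignment of one of these is the change an auditor wants to see first.
$privilegedRoles = @('Owner', 'Contributor', 'User Access Administrator',
                     'Storage Account Contributor', 'Storage Blob Data Owner',
                     'Storage Blob Data Contributor', 'Storage Account Key Operator Service Role')

function Get-RbacKey([object]$Row) {
    # One principal may hold several roles at several scopes, so the identity of an
    # assignment is the whole tuple, compared case-insensitively.
    ('{0}|{1}|{2}|{3}' -f $Row.StorageAccount, $Row.Principal, $Row.Role, $Row.Scope).ToLowerInvariant()
}

function Compare-RbacSnapshot([object[]]$Previous, [object[]]$Current) {
    $prev = @{}; foreach ($r in $Previous) { $prev[(Get-RbacKey $r)] = $r }
    $curr = @{}; foreach ($r in $Current)  { $curr[(Get-RbacKey $r)] = $r }
    $added   = @(foreach ($k in $curr.Keys) { if (-not $prev.ContainsKey($k)) { $curr[$k] } })
    $removed = @(foreach ($k in $prev.Keys) { if (-not $curr.ContainsKey($k)) { $prev[$k] } })
    [pscustomobject]@{
        Added           = $added
        Removed         = $removed
        PrivilegedAdded = @($added | Where-Object { $privilegedRoles -contains $_.Role })
    }
}

$diff = Compare-RbacSnapshot -Previous $previous -Current $current
"Added: $($diff.Added.Count)  Removed: $($diff.Removed.Count)  Privileged additions: $($diff.PrivilegedAdded.Count)"
$diff.Added   | Format-Table StorageAccount, Principal, PrincipalType, Role -AutoSize
$diff.Removed | Format-Table StorageAccount, Principal, PrincipalType, Role -AutoSize
```

With the sample data this reports one addition (ci-runner-sp gaining Storage Blob Data Contributor, which is also the one privileged addition) and one removal (backup-sp losing Storage Blob Data Reader). Against real output, replace the here-strings with `Import-Csv` of the older and newer RBAC.csv files; the composite key is what keeps a principal that legitimately holds several roles from being reported as changed.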
The Azure Storage Security and Utilization Audit Tool reports on the following components:
Storage Account Inventory
Storage account name
Resource group
Region
SKU and account type
Access tier configuration
Identity and Access Management (RBAC)
All identities with access to each storage account, including assignments inherited from the resource group, subscription and management group scopes
Identity type (User, Group, Service Principal; managed identities appear as service principals)
Assigned roles (Reader, Contributor, Owner, and storage-specific data-plane roles such as Storage Blob Data Reader)
File Storage (Azure Files)
All file shares per storage account
Blob Storage
All containers
All blobs
Blob size (bytes)
Blob tier (Hot, Cool, Archive)
Queue Storage
All queues per storage account
Table Storage
All tables per storage account
Storage Utilization
Total storage consumption per storage account (GB)
Tiering Utilization
Storage distribution across tiers:
Hot
Cool
Archive
The Azure Storage Security and Utilization Audit Tool generates the following structured output files:
StorageAccounts.csv
RBAC.csv
FileShares.csv
BlobInventory.csv
Queues.csv
Tables.csv
Utilization.csv
Tiering.csv
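The page does not include the script itself, so the following PowerShell is an added example written for this page, not the tool's own code: a read-only pass that follows the execution steps above and writes the output files listed above, as it would be pasted into Azure Cloud Shell (Az modules preloaded). It assumes the signed-in identity holds Reader plus Storage Blob Data Reader (and Storage Queue Data Reader and Storage Table Data Reader for the queue and table listings), and it builds the data-plane context from that identity with `-UseConnectedAccount` rather than from account keys, so the Reader-only caveat above does not apply. It goes slightly beyond the fields the page lists: StorageAccounts.csv also records AllowBlobPublicAccess and HTTPS-only settings, BlobInventory.csv records container public-access level, and an extra Errors.csv captures stages that failed for lack of permissions or because a storage firewall blocked Cloud Shell. Utilization.csv and Tiering.csv are derived here by summing blob sizes from the inventory; how the real tool computes them is not stated on the page.

```powershell
# Added example (not the tool's own script): a read-only inventory pass that writes the
# CSV files listed above, for Azure Cloud Shell (PowerShell, Az modules preloaded).
# Assumptions: the signed-in identity holds Reader plus Storage Blob Data Reader (and
# Storage Queue/Table Data Reader for the queue and table listings); the data-plane
# context is built from that identity (-UseConnectedAccount), never from account keys.
$ErrorActionPreference = 'Stop'               # make cmdlet errors catchable below
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'   # timestamped outputs so runs can be compared

$out = @{}
foreach ($n in 'StorageAccounts','RBAC','FileShares','BlobInventory','Queues','Tables','Errors') {
    $out[$n] = [System.Collections.Generic.List[object]]::new()
}

function New-Row($Sub, $Sa, $Props) {
    # Every row carries the subscription and account it came from, then the stage-specific fields
    $row = [ordered]@{ Subscription = $Sub.Name; StorageAccount = $Sa.StorageAccountName }
    foreach ($k in $Props.Keys) { $row[$k] = $Props[$k] }
    [pscustomobject]$row
}
function Add-AuditError($Sub, $Sa, $Stage, $Message) {
    # Missing permissions or a storage firewall blocking Cloud Shell land here instead of aborting the run
    Write-Warning "[$($Sub.Name)/$($Sa.StorageAccountName)] $Stage failed: $Message"
    $out.Errors.Add((New-Row $Sub $Sa ([ordered]@{ Stage = $Stage; Error = $Message })))
}

foreach ($sub in Get-AzSubscription | Where-Object State -eq 'Enabled') {
    Write-Host "Subscription: $($sub.Name)"
    $null = Set-AzContext -Subscription $sub.Id
    foreach ($sa in Get-AzStorageAccount) {
        Write-Host "  Storage account: $($sa.StorageAccountName)"
        $out.StorageAccounts.Add((New-Row $sub $sa ([ordered]@{
            ResourceGroup = $sa.ResourceGroupName; Region = $sa.Location; Sku = $sa.Sku.Name
            Kind = $sa.Kind; AccessTier = $sa.AccessTier
            AllowBlobPublicAccess = $sa.AllowBlobPublicAccess; HttpsOnly = $sa.EnableHttpsTrafficOnly })))

        # Role assignments effective at the account, including ones inherited from RG, subscription or MG
        try {
            foreach ($ra in Get-AzRoleAssignment -Scope $sa.Id) {
                $out.RBAC.Add((New-Row $sub $sa ([ordered]@{
                    Principal = $ra.DisplayName; SignInName = $ra.SignInName; PrincipalType = $ra.ObjectType
                    Role = $ra.RoleDefinitionName; Scope = $ra.Scope; Inherited = ($ra.Scope -ne $sa.Id) })))
            }
        } catch { Add-AuditError $sub $sa 'RBAC' $_.Exception.Message }

        # File shares via the management plane (Reader is enough; no data-plane credential needed)
        try {
            foreach ($sh in Get-AzRmStorageShare -ResourceGroupName $sa.ResourceGroupName -StorageAccountName $sa.StorageAccountName) {
                $out.FileShares.Add((New-Row $sub $sa ([ordered]@{ Share = $sh.Name; QuotaGiB = $sh.QuotaGiB })))
            }
        } catch { Add-AuditError $sub $sa 'FileShares' $_.Exception.Message }

        # Data-plane listings with the signed-in identity (Entra ID), not account keys
        $ctx = New-AzStorageContext -StorageAccountName $sa.StorageAccountName -UseConnectedAccount
        try {
            foreach ($c in Get-AzStorageContainer -Context $ctx) {
                foreach ($b in Get-AzStorageBlob -Container $c.Name -Context $ctx) {
                    $tier = if ($b.AccessTier) { [string]$b.AccessTier } else { 'NotSet' }  # page/append blobs have no tier
                    $out.BlobInventory.Add((New-Row $sub $sa ([ordered]@{
                        Container = $c.Name; PublicAccess = [string]$c.PublicAccess; Blob = $b.Name
                        SizeBytes = [long]$b.Length; Tier = $tier; LastModified = $b.LastModified })))
                }
            }
        } catch { Add-AuditError $sub $sa 'BlobInventory' $_.Exception.Message }
        try { foreach ($q in Get-AzStorageQueue -Context $ctx) { $out.Queues.Add((New-Row $sub $sa ([ordered]@{ Queue = $q.Name }))) } }
        catch { Add-AuditError $sub $sa 'Queues' $_.Exception.Message }
        try { foreach ($t in Get-AzStorageTable -Context $ctx) { $out.Tables.Add((New-Row $sub $sa ([ordered]@{ Table = $t.Name }))) } }
        catch { Add-AuditError $sub $sa 'Tables' $_.Exception.Message }
    }
}

# Utilization and tiering are derived from the blob inventory. Only base blobs are listed,
# so accounts that rely on snapshots or blob versions will read low here.
function Get-TotalGB($Rows) { [math]::Round(($Rows | Measure-Object SizeBytes -Sum).Sum / 1GB, 3) }
$out.Utilization = @($out.BlobInventory | Group-Object StorageAccount | ForEach-Object {
    [pscustomobject]@{ StorageAccount = $_.Name; BlobCount = $_.Count; TotalGB = Get-TotalGB $_.Group } })
$out.Tiering = @($out.BlobInventory | Group-Object StorageAccount, Tier | ForEach-Object {
    [pscustomobject]@{ StorageAccount = $_.Group[0].StorageAccount; Tier = $_.Group[0].Tier
                       BlobCount = $_.Count; TotalGB = Get-TotalGB $_.Group } })

foreach ($name in $out.Keys) {
    $rows = @($out[$name])
    if ($rows.Count -eq 0) { Write-Host "${name}: nothing found"; continue }
    $path = "${name}_$stamp.csv"
    $rows | Export-Csv -NoTypeInformation -Path $path
    Write-Host "Wrote $path ($($rows.Count) rows)"
}
```

Paste the block into a PowerShell Cloud Shell session and it writes one timestamped CSV per category into the working directory (`ls *.csv` shows them). An account whose network rules reject Cloud Shell, or on which the identity lacks a data-plane role, shows up as a warning and an Errors.csv row rather than silently missing from BlobInventory.csv; that distinction is what lets a later comparison tell "no blobs" apart from "could not list".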