DEV Community

Cover image for Find unused storage accounts in Azure
Sarah Lean 🏴󠁧󠁒
Sarah Lean 🏴󠁧󠁒

Posted on • Originally published at techielass.com

Find unused storage accounts in Azure

No one wants to pay more than they have to and that is why when using the cloud you need to be on top of removing unused resources, or orphaned resources. In a previous blog post I showed you how to find any unused disks or NICs from deleted virtual machines.

In this blog post I want to help you understand how you can find those unused storage accounts within your Azure subscriptions.
There are three methods I've used to start the hunt.

Azure Portal

The first method I like to use is Azure Monitor. Within there you have a section for Storage Accounts.

Within here you can gather some useful information around Transactions. This can help to show you how active or inactive the storage account is.

Below is an example within my Azure subscription.

Azure Monitor results

This will help to guide you in showing which storage accounts are being used and which ones aren't actually that active.

The word of caution I'd use with this method is you could have archive storage here that isn't used either read or added to. Make sure you are paying attention to the name or tags of your storage accounts before deciding something that has no transactions can be deleted.

PowerShell

Another way I have found is using a script that queries for every storage account within my Azure subscription and then pull out the last modified date for that container. You can find a copy of the script below or a copy here.

<#
.SYNOPSIS
FindUnusedAzureStorage.ps1

.DESCRIPTION 

This script queries your Azure subscription and gathers the name and last modified date of your Azure storage accounts. 

.OUTPUTS
It will output the results into a table detailing the name and last modified date of your Azure storage accounts.

.NOTES
Written by: Sarah Lean
Find me on:
* My Blog:  http://www.techielass.com
* Twitter:  https://twitter.com/techielass
* LinkedIn: http://uk.linkedin.com/in/sazlean

.EXAMPLE
.\FindUnusedAzureStorage.ps1
This will query your Azure subscription looping round each storage account gather the name and last modified date.  The output table will show you the storage account name, last modified date and the resource group that storage account is stored in.  Please note that the last modified date is shown in MM/DD/YYYY format.

Change Log

V1.00, 20th January 2022 - Initial version

License:
The MIT License (MIT)
Copyright (c) 2022 Sarah Lean
Permission is hereby granted, free of charge, to any person obtaining a copy 
of this software and associated documentation files (the "Software"), to deal 
in the Software without restriction, including without limitation the rights 
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 
copies of the Software, and to permit persons to whom the Software is 
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all 
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER 
DEALINGS IN THE SOFTWARE.
#>


& {
foreach ($storageAccount in Get-AzStorageAccount) {
$storageAccountName = $storageAccount.StorageAccountName
$resourceGroupName = $storageAccount.ResourceGroupName


  # Get storage account key
     $storageAccountKey = (Get-AzStorageAccountKey -Name $storageAccountName -ResourceGroupName $resourceGroupName).Value[0]

     # Create storage account context using above key
     $context = New-AzStorageContext -StorageAccountName $storageAccountName -StorageAccountKey $storageAccountKey

     # Get the last modified date
     $lastModified = Get-AzStorageContainer -Context $context 
         | Sort-Object -Property @{Expression = {$_.LastModified.DateTime}}
             | Select-Object -Last 1 -ExpandProperty LastModified

             # Collect the information to output to a table when the for loop has completed
             New-Object psobject -Property @{
                 Name = $storageAccountName;
                 LastModified = $lastModified.DateTime;
                 ResourceGroupName = $resourceGroupName
             }

 }
} | Format-Table Name, LastModified, ResourceGroupName -autosize
Enter fullscreen mode Exit fullscreen mode

This will output a table showing the storage account name, last modified date and the resource group the storage account is in. It's worth noting the date format is MM/DD/YY.

Below is an example of me running the script on my Azure subscription within the Cloud Shell.

PowerShell Results

The flaw with this method is that files might still be getting accessed but not modified, so it's not perfect, but it can be a great place to start trying to find those unused storage accounts.

Communication

The last method is communication. Using the information you've gathered from above reach out to your colleagues and peers and confirm what you've found is true or not.

Hopefully you'll have a good naming convention or tagging system within Azure that will make tracking down the owners of these Azure storage account fairly easy. πŸ˜‰

Top comments (0)