Last active
October 29, 2025 21:01
-
-
Save jschlackman/1436114a85cdd6c02696a8bedb60b1e8 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <# | |
| .SYNOPSIS | |
| Lists all Azure storage accounts with their encryption settings. | |
| .DESCRIPTION | |
| Author: James Schlackman <james@schlackman.org> | |
| Last Modified: Oct 29 2025 | |
| .PARAMETER AzTenant | |
| Tenant domain name or ID | |
| .PARAMETER Subscription | |
| The name or id of the subscription that should be queried. | |
| .PARAMETER OutputPath | |
| Path to optional CSV export file. | |
| #> | |
| #Requires -Module @{ModuleName='Az.Accounts'; ModuleVersion='1.0'}, @{ModuleName='Az.Storage'; ModuleVersion='1.0'} | |
| Param( | |
| [Parameter()] [String] $Tenant, | |
| [Parameter()] [String] $Subscription, | |
| [Parameter()] [String] $OutputPath = "$((Get-Date).ToString("yyMMdd")) Azure Storage Accounts" | |
| ) | |
| # Connect to Azure | |
| Connect-AzAccount | |
| # Set context to specified tenant or subscription if provided | |
| If ([bool]$Tenant) { | |
| Set-AzContext -Tenant $Tenant | |
| } ElseIf ([bool]$Subscription) { | |
| Set-AzContext -Subscription $Subscription | |
| } | |
| $storageAccounts = Get-AzStorageAccount | Sort-Object -Property ResourceGroupName, StorageAccountName | |
| $AuditOutput = $storageAccounts | ForEach-Object { | |
| [PSCustomObject]@{ | |
| StorageAccountName = $_.StorageAccountName | |
| ResourceGroupName = $_.ResourceGroupName | |
| PrimaryLocation = $_.PrimaryLocation | |
| SkuName = $_.Sku.Name | |
| Kind = $_.Kind | |
| AccessTier = $_.AccessTier | |
| CreationTime = $_.CreationTime | |
| EnableHttpsTrafficOnly = $_.EnableHttpsTrafficOnly | |
| EncryptionEnabled = $_.Encryption.Services.File.Enabled | |
| EncryptionEnabledTime = $_.Encryption.Services.File.LastEnabledTime | |
| EncryptionKeyType = $_.Encryption.Services.File.KeyType | |
| } | |
| } | |
| # Display output | |
| $AuditOutput | Out-GridView -Title ("Storage acccounts for subscription {0} ({1})" -f (Get-AzContext).Subscription.Name, (Get-AzContext).Subscription.TenantId) | |
| Write-Host 'See grid export for details.' | |
| # Optionally export output to file | |
| Write-Host "`nExport details to CSV? " -ForegroundColor Cyan -NoNewline | |
| $OutputPath = "$OutputPath - {0}.csv" -f (Get-AzContext).Subscription.TenantId | |
| If ((Read-Host '[y/N]').ToUpper() -eq 'Y') { | |
| Write-Host 'Exporting to ' -NoNewline | |
| Write-Host $OutputPath -ForegroundColor Green | |
| $AuditOutput | Export-Csv -NoTypeInformation -Path ($OutputPath) -Encoding UTF8 | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment