Azure Blob Commands
I run a few of my workloads on VMs in Azure. Some of them deal with data and content that changes over time, and accordingly I like to have the data backed up periodically. Microsoft provides the AzCopy tool for uploading files to Azure blob storage alright, and it works very well with managed identities assigned to VMs (and other services in Azure).
But some of the same properties that apply to data also apply to the backups of that data: their value diminishes over time, so keeping backups for an extended amount of time is pointless. Accordingly, I always want to delete old backups after some time.
The above mentioned AzCopy tool does allow to list blobs and remove them, but
these commands are in no way suited for easy automation through scripts. For
example, even though the tool has flags --machine-readable
and --output-type=json
that can be used for this, that flag causes the tool to produce JSON encoded
output of human readable messages. In fact, using these flags produces output
like this:
{"TimeStamp":"2024-07-14T09:15:59.897062902Z","MessageType":"ListObject","MessageContent":"{\"Path\":\"backup-2024-07-10_00.00.01.sql.gz\",\"ContentLength\":\"48.41 KiB\"}","PromptDetails":{"PromptType":"","ResponseOptions":null,"PromptTarget":""}}
As you can see, the actual relevant information of blob names is double encoded in JSON. It’s possible to decode that from scripts, but it’s silly to do things this way.
Enter Azure Blob Commands (abc
)
That’s why a short while back, I’ve decided that a CLI that follows some of the
same rules as your every day ls
and rm
tools was needed. So I’ve created
abc
, the Azure Blob Commands tool that
addresses some of these issues and basically puts one item (a blob container or
a blob) per line.
This effectively allows to easily combine outputs of abc
with other tools, and
even use the results as input for abc
again. For example, if we have a blob
container where daily backups of some data or content are uploaded to, all we
need to do to clean up backups older than 30 days is to run the following.
abc blobs rm -n mystorageaccount -c mybackups \
$(abc blobs ls -n mystorageaccount -c mybackups | head -n-30)
Please note that abc
uses the default way of acquiring an access token for
authentication (see
Azure golang SDK):
- Try environment variables
- Try workload identity (for Kubernetes)
- Try managed identity (for Azure services)
- Try AzCLI credentials
- Try Azure Developer Credentials
So when using abc
from your workstation, if you’re signed in to AzCLI you’re
good to go. If you’re running abc
on your VM in Azure itself, and the VM has
a managed identity assigned to it, you’re also good to go.
The tool and its code are open source, and you can find it all on GitHub. Issues and feature requests are welcome. Have fun.