Merged PR 56817: added removeblobtags automation account runbook

- added removeblobtags automation account runbook - Merge branch 'master' into jurjen/removeblobtags Related work items: #106056
2026-02-27 18:52:18 +01:00 · 2025-01-28 10:36:26 +00:00
parent 0633103464
commit 2b990dae8f
5 changed files with 82 additions and 2 deletions
--- a/Powershell/RunBooks/RemoveBlobTags.ps1
+++ b/Powershell/RunBooks/RemoveBlobTags.ps1
@@ -0,0 +1,71 @@
+param (
+    [Parameter(mandatory=$true)]
+    [string] $storageName,
+    [Parameter(mandatory=$true)]
+    [string] $subscriptionId,
+    [Parameter(mandatory=$false)]
+    [int]$maxIterations=2,
+    [Parameter(mandatory=$false)]
+    [int]$maxBlobPerIteration = 1000
+) 
+
+Import-Module Az.Storage
+
+$stopwatch =  [system.diagnostics.stopwatch]::StartNew()
+[int] $total = 0
+
+try {
+    # This scripts removes all blob tags from an azure blob storage container based on a tag filter in the script. It performs it in chunks of 1000. 
+    # If there are no files left with the tag criteria the script will terminate
+    # see: https://github.com/m4m4m4/CleanBlobTags/tree/main
+    # see: https://www.reddit.com/r/AZURE/comments/1gvmulv/azure_blob_storage_malware_scan_and_blob_index/
+
+    # Connect to Azure with system-assigned managed identity
+    Disable-AzContextAutosave -Scope Process
+    Connect-AzAccount -Identity
+
+    # Set and store context
+    Set-AzContext -SubscriptionId $subscriptionId
+
+    # Connect to the Azure Storage account
+    $context = New-AzStorageContext -StorageAccountName $storageName -UseConnectedAccount 
+
+    $token     = $Null
+    Do
+    {
+        #Retrieve blobs 
+        $blobs = Get-AzStorageBlobByTag -Context $context -TagFilterSqlExpression """Malware Scanning scan time UTC"">'0'" -MaxCount $maxBlobPerIteration -ContinuationToken $token 
+
+        $blobCount = 1
+        
+        #Loop through the batch
+        Foreach ($blob in $blobs)
+        {
+            # Remove tags, as there really should 0 tags
+            Set-AzStorageBlobTag -Context $context -Container $blob.BlobBaseClient.BlobContainerName -Blob $blob.Name -Tag @{} | out-null
+
+            #Display progress bar
+            $percent = $($blobCount/$maxBlobPerIteration*100)
+            Write-Progress -Activity "Processing blobs" -Status "$percent% Complete" -PercentComplete $percent
+            $blobCount++
+        }
+
+        #Update $total
+        $total += $blobs.Count
+        
+        #Exit if all blobs processed
+        If($blobs.Length -le 0) { Break; }
+        
+        #Set continuation token to retrieve the next batch
+        $token = $blobs[$blobs.Count -1].ContinuationToken
+        $maxIterations--
+    }
+    While ($null -ne $token -and $maxIterations -gt 0)
+}
+catch 
+{
+    Write-Error $_
+}
+
+$stopwatch.Stop()
+Write-Output "Processed $total blobs in $($stopwatch.Elapsed)."