Posted in : Azure, Microsoft Av Tobias Vuorenmaa Översätt med Google ⟶

5 years ago

During Ignite 2018 Microsoft released a couple of new services and features in public preview for Azure i will try to cover the Governance parts in upcoming posts.
Lets start with Resource Graph.
If you have been working with Azure Resource Manager, you might have realized its limitations for accessing resource properties. The resource fields we have been able to work with is Resource Name, ID, Type, Resource Group, Subscriptions, and Location. If we want to find other properties, we need to query each resource separately and you might end up with quite complicated scripts to complete what started as simple tasks.
This is where Resource Graph comes in, Resource Graph is designed to extend the Azure Resource Management with a Azure Data Explorer Query language base.
With Resource Graph it’s now easy to query all resources over different subscriptions, as well as get properties of all resources without more advanced scripts to query all resource separately. Ill show how in the attached examples below.

All Resources

The new “All resources” view in the portal is based on Resource Graph and if you haven’t tried it out yet go check it out. It’s still in preview so you have to “opt-in” to try it.

Get started

To get started with Resource Graph you can use either CLI, Powershell or the Azure Portal.
In the examples below, I am using Cloudshell and Bash but you could just as well use Powershell:

#Add Resource Graph Extension, needs to be added first time.

az extension add –name resource-graph

#Displays all virtual machines, OS and versions

az graph query -q "where type =~ 'microsoft.compute/virtualmachines'| summarize count() by OS = tostring(aliases['Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType']), OsVersion = tostring(properties.storageProfile.imageReference.version)" –output table

Example output from above query

# Display all virtual machines that starts with “AZ” and ends with number.

az graph query -q "where type =~ 'microsoft.compute/virtualmachines' | where name matches regex @'^AZ(.*)[0-9]+$'|project name"

# Display all storage accounts that have the option to “Allow Access from all networks”

az graph query -q "where type =~ 'microsoft.storage/storageaccounts' | where aliases['Microsoft.Storage/storageAccounts/networkAcls.defaultAction'] =='Allow'| summarize count()"

# Display linux VMs with OS version 16.04

az graph query -q “where type =~ 'microsoft.compute/virtualmachines'| project  OS = tostring(aliases['Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType']) , OsVer = tostring(properties.storageProfile.imageReference.version) | where  OS == 'Linux' and OsVer startswith '16.04'  | summarize count()"

For more info about the query language check this site:
https://docs.microsoft.com/en-us/azure/governance/resource-graph/concepts/query-language
If you have any specific scenario feel free to contact me and we can try to query your specific needs.
You can reach me at tobias.vuorenmaa@xenit.se if you have any questions.

Tags : Azure Resource Graph, Resource Graph

Personlig rådgivning

Vi erbjuder personlig rådgivning med författaren för 1400 SEK per timme. Anmäl ditt intresse i här så återkommer vi så snart vi kan.

Add comment

Your comment will be revised by the site if needed.