2 years ago
During Ignite 2018 Microsoft released a couple of new services and features in public preview for Azure i will try to cover the Governance parts in upcoming posts.
Lets start with Resource Graph.
If you have been working with Azure Resource Manager, you might have realized its limitations for accessing resource properties. The resource fields we have been able to work with is Resource Name, ID, Type, Resource Group, Subscriptions, and Location. If we want to find other properties, we need to query each resource separately and you might end up with quite complicated scripts to complete what started as simple tasks.
This is where Resource Graph comes in, Resource Graph is designed to extend the Azure Resource Management with a Azure Data Explorer Query language base.
With Resource Graph it’s now easy to query all resources over different subscriptions, as well as get properties of all resources without more advanced scripts to query all resource separately. Ill show how in the attached examples below.
To get started with Resource Graph you can use either CLI, Powershell or the Azure Portal.
In the examples below, I am using Cloudshell and Bash but you could just as well use Powershell:
#Add Resource Graph Extension, needs to be added first time.
az extension add –name resource-graph
#Displays all virtual machines, OS and versions
az graph query -q "where type =~ 'microsoft.compute/virtualmachines'| summarize count() by OS = tostring(aliases['Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType']), OsVersion = tostring(properties.storageProfile.imageReference.version)" –output table
# Display all virtual machines that starts with “AZ” and ends with number.
az graph query -q "where type =~ 'microsoft.compute/virtualmachines' | where name matches regex @'^AZ(.*)[0-9]+$'|project name"
# Display all storage accounts that have the option to “Allow Access from all networks”
az graph query -q "where type =~ 'microsoft.storage/storageaccounts' | where aliases['Microsoft.Storage/storageAccounts/networkAcls.defaultAction'] =='Allow'| summarize count()"
# Display linux VMs with OS version 16.04
az graph query -q “where type =~ 'microsoft.compute/virtualmachines'| project OS = tostring(aliases['Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType']) , OsVer = tostring(properties.storageProfile.imageReference.version) | where OS == 'Linux' and OsVer startswith '16.04' | summarize count()"
For more info about the query language check this site:
If you have any specific scenario feel free to contact me and we can try to query your specific needs.
You can reach me at email@example.com if you have any questions.