Apps on Azure Blog

3 MIN READ

Azure Resource Graph Explorer for Microsoft.Web resources

Microsoft

Apr 18, 2023

Azure Resource Graph

Azure Resource Graph is an Azure service designed to extend Azure Resource Management by providing efficient and performant resource exploration with the ability to query at scale across a given set of subscriptions so that you can effectively govern your environment.

These queries provide the following abilities:

Query resources with complex filtering, grouping, and sorting by resource properties.
Explore resources iteratively based on governance requirements.
Assess the impact of applying policies in a vast cloud environment.
Query changes made to resource properties (preview).

Below are few resource types supported by Azure Resource Graph:

Microsoft.web/apimanagementaccounts
Microsoft.web/apimanagementaccounts/apis
Microsoft.web/certificates
Microsoft.Web/connectionGateways (On-premises Data Gateways)
Microsoft.Web/connections (API Connections)
Microsoft.Web/customApis (Logic Apps Custom Connector)
Microsoft.Web/HostingEnvironments (App Service Environments)
Microsoft.Web/KubeEnvironments (App Service Kubernetes Environments)
Microsoft.Web/serverFarms (App Service plans)
Microsoft.Web/sites (App Services)
Microsoft.web/sites/premieraddons
Microsoft.Web/sites/slots (App Service (Slots))
Microsoft.Web/StaticSites (Static Web Apps)
Microsoft.Web/WorkerApps (Container Apps)

How to Explore Azure Graph Explorer on Azure portal:

Go to Azure Portal > Search for Resource Graph

Use Resource Graph Explorer for executing the queries.

Access Resource explorer directly from Resource Group

To list all sites across all subscriptions and resources groups:

resources

| where type == "microsoft.web/sites"

To view all your sites that are located in West US:

resources

| where type == "microsoft.web/sites"

| where location == "westus"

List all your apps by specific property

To view all your running sites, you can drill into the “properties” object: List all your apps by specific property

resources
| where type == "microsoft.web/sites"
| where properties.state == "Running"

List Apps based on Stack

You can drill into properties object for getting stack used by the app, below is the sample query for Python 3.6

resources
| where type == 'microsoft.web/sites'
| where subscriptionId =~ '<SubIdHere>'
| where properties.siteProperties.properties contains "Python|3.6"

To get sites count by region:

resources
| where type == "microsoft.web/sites"
| summarize count() by location

Quickly Discover any expiring certificates for Azure App Services using azure graph queries

We can make use of Azure Resource Graph to make cross-subscription queries to see if I have any upcoming expiring certificates.

To learn more on Azure Graph Queries, click here.

Get all web app certificates

This will get you a list of all the app service certificates you have in your subscription(s).

resources

| where type == "microsoft.web/certificates"

To simplify the overview, we can limit the properties we return:

resources

| where type == "microsoft.web/certificates"

| project resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

Get the Expiration Date of certificates:

resources

| where type == "microsoft.web/certificates"

| extend ExpirationDate = todatetime(properties.expirationDate)

| project ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

| order by ExpirationDate asc

Get the number of days until expiration:

resources

| where type == "microsoft.web/certificates"

| extend ExpirationDate = todatetime(properties.expirationDate)

| extend DaysUntilExpiration = datetime_diff("day", ExpirationDate, now())

| project DaysUntilExpiration, ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

| where ExpirationDate < now() + 60d

| order by DaysUntilExpiration