Forum Discussion

TomWechsler's avatar
Aug 07, 2021

Run queries using the Azure CLI Resource Graph to gather information in Azure!

 

Hi Azure friends,

 

In this article I will show you how to collect information with the Resource Graph in Azure. Start the CloudShell in the Azure portal or go to the following URL: https://shell.azure.com/
Please start with the following steps to begin the deployment (the Hashtags are comments):

 

#Here you can find out which subscription you are working with
az account show

 

#View all subscriptions
az account list --all --output table

 

#change the subscription (if necessary)
az account set --subscription "Name of the Subscription"

 

#Add the Resource Graph extension to the Azure CLI environment
az extension add --name resource-graph

 

#Check the extension list
az extension list

 

#Run help for graph query options
az graph query -h

 

#Count Azure resources
az graph query -q "Resources | summarize count()"

 

#Is this result correct, we check it in the Azure Portal

 

#Only 43, but wait there are still hidden resources!

 

#Everything is fine!

 

#Count Key Vault resources
az graph query -q "Resources | where type =~ 'microsoft.keyvault/vaults' | count"

 

#List resources sorted by name
az graph query -q "Resources | project name, type, location | order by name asc"

 

#All virtual machines ordered by name in descending order
az graph query -q "Resources | project name, location, type| where type =~ 'Microsoft.Compute/virtualMachines' | order by name desc"

 

#Five virtual machines by name and their OS type
az graph query -q "Resources | where type =~ 'Microsoft.Compute/virtualMachines' | project name, properties.storageProfile.osDisk.osType | top 5 by name desc"

 

#Count virtual machines by OS type
az graph query -q "Resources | where type =~ 'Microsoft.Compute/virtualMachines' | extend os = properties.storageProfile.osDisk.osType | summarize count() by tostring(os)"

 

#List all public IP addresses
az graph query -q "Resources | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) | project properties.ipAddress | limit 100"

 

#Count resources that have IP addresses configured by subscription
az graph query -q "Resources | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) | summarize count () by subscriptionId"

 

#List resources with a specific tag value
az graph query -q "Resources | where tags.Projekt=~'cloud2020' | project name, tags"

 

#Get virtual networks and subnets of network interfaces
az graph query -q "Resources | where type =~ 'microsoft.network/networkinterfaces' | project id, ipConfigurations = properties.ipConfigurations | mvexpand ipConfigurations | project id, subnetId = tostring(ipConfigurations.properties.subnet.id) | parse kind=regex subnetId with '/virtualNetworks/' virtualNetwork '/subnets/' subnet | project id, virtualNetwork, subnet"

 

#Summarize virtual machine by the power states extended property
az graph query -q "Resources | where type == 'microsoft.compute/virtualmachines' | summarize count() by tostring(properties.extended.instanceView.powerState.code)"

 

I hope these examples have shown you how quickly information can be collected. Absolutely nothing wild, but still I wanted to share these experiences with you.

 

Thank you for taking the time to read this article. Best regards, Tom Wechsler

 

P.S. All scripts (#PowerShell, azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler

No RepliesBe the first to reply

Resources