Forum Discussion
Run queries using the Azure CLI Resource Graph to gather information in Azure!
Hi Azure friends,
In this article I will show you how to collect information with the Resource Graph in Azure. Start the CloudShell in the Azure portal or go to the following URL: https://shell.azure.com/
Please start with the following steps to begin the deployment (the Hashtags are comments):
#Here you can find out which subscription you are working with
az account show
#View all subscriptions
az account list --all --output table
#change the subscription (if necessary)
az account set --subscription "Name of the Subscription"
#Add the Resource Graph extension to the Azure CLI environment
az extension add --name resource-graph
#Check the extension list
az extension list
#Run help for graph query options
az graph query -h
#Count Azure resources
az graph query -q "Resources | summarize count()"
#Is this result correct, we check it in the Azure Portal
#Only 43, but wait there are still hidden resources!
#Everything is fine!
#Count Key Vault resources
az graph query -q "Resources | where type =~ 'microsoft.keyvault/vaults' | count"
#List resources sorted by name
az graph query -q "Resources | project name, type, location | order by name asc"
#All virtual machines ordered by name in descending order
az graph query -q "Resources | project name, location, type| where type =~ 'Microsoft.Compute/virtualMachines' | order by name desc"
#Five virtual machines by name and their OS type
az graph query -q "Resources | where type =~ 'Microsoft.Compute/virtualMachines' | project name, properties.storageProfile.osDisk.osType | top 5 by name desc"
#Count virtual machines by OS type
az graph query -q "Resources | where type =~ 'Microsoft.Compute/virtualMachines' | extend os = properties.storageProfile.osDisk.osType | summarize count() by tostring(os)"
#List all public IP addresses
az graph query -q "Resources | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) | project properties.ipAddress | limit 100"
#Count resources that have IP addresses configured by subscription
az graph query -q "Resources | where type contains 'publicIPAddresses' and isnotempty(properties.ipAddress) | summarize count () by subscriptionId"
#List resources with a specific tag value
az graph query -q "Resources | where tags.Projekt=~'cloud2020' | project name, tags"
#Get virtual networks and subnets of network interfaces
az graph query -q "Resources | where type =~ 'microsoft.network/networkinterfaces' | project id, ipConfigurations = properties.ipConfigurations | mvexpand ipConfigurations | project id, subnetId = tostring(ipConfigurations.properties.subnet.id) | parse kind=regex subnetId with '/virtualNetworks/' virtualNetwork '/subnets/' subnet | project id, virtualNetwork, subnet"
#Summarize virtual machine by the power states extended property
az graph query -q "Resources | where type == 'microsoft.compute/virtualmachines' | summarize count() by tostring(properties.extended.instanceView.powerState.code)"
I hope these examples have shown you how quickly information can be collected. Absolutely nothing wild, but still I wanted to share these experiences with you.
Thank you for taking the time to read this article. Best regards, Tom Wechsler
P.S. All scripts (#PowerShell, azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler