Azure resource graph is a service designed by Azure to extend the capability of the management of Azure resources. This provides efficiency and performance for querying and exploring resources in multiple subscriptions on a large scale. This help organization IT teams to implement governance on a large scale over them organization-wide. Azure Resource Graph provide the following capabilities.
- Enable IT teams, to query resources across multiple subscriptions at once
- Ability to use complex queries for filtering, grouping, and sorting resources.
- Help to apply policies to the vast amount of cloud environments
- Ability to asses the m=impact of applying policies
Azure Resource Graph uses the Kusto Query Language
To run Azure Resource Graph queries we can use following tools
- Azure Portal and Resource Graph Explorer
- Azure PowerShell
- Azure CLI
So if you have familiarity with working Azure Log Analytics queries then learning Azure Resource Graph queries wouldn’t be much harder. It uses the same query language.
Let’s see on the action a few queries we can use. For the starters, we can use the following simple queries.
NOTE:- Before using a query we need to install the extension to Azure CLI. Refer to this to install.
Getting all the resources in your tenant
To run below query I used Azure CLI. We can do the same through portal and Azure PowerShell.
This query will output the count of the resources in all the subscriptions. we use count () function to get the number of resources.
Resources| summarize count()
az graph query -q 'Resources| summarize count()'
Get a count of VMs by the OS type
This following query is useful for most Azure administrators and architects. If the organization has hundreds of subscriptions and need to know the number of VMs running on different OS types. For this query, we use Azure resource provider Microsoft.Compute/virtualMachines . We use the son path properties.storageProfile.osDisk.osType to query the OS type. By using where we filter the resources.
Resources
| where type =~ 'Microsoft.Compute/virtualMachines'
| summarize count() by tostring(properties.storageProfile.osDisk.osType)
az graph query -q "Resources | where type =~ 'Microsoft.Compute/virtualMachines' | summarize count() by tostring(properties.storageProfile.osDisk.osType)"
Find storage accounts with specific tag on the Resource Group
In this example we are going to find storage accounts in a resource group with specific tag attached
Resources
| where type =~ 'microsoft.storage/storageaccounts'
| join kind=inner (
ResourceContainers
| where type =~ 'microsoft.resources/subscriptions/resourcegroups'
| where tags['ENV'] =~ 'DEV'
| project subscriptionId, resourceGroup)
on subscriptionId, resourceGroup
| project-away subscriptionId1, resourceGroup1
For more details refer bellow links.