You may or may not have seen how slow the Azure Portal can be (in the past). Especially when you are working in large environments with hundreds and thousands of resources it could take a while to get a view of, for example, you servers in Azure. This is where Azure Resource Graph comes into action.
But there is a lot more that Resource Graph can do for you…
What is Azure Resource Graph?!
Azure Resource Graph is a service built in to Azure, that is providing the option to do large scale queries across resources in different subscriptions (and for Managed Service Providers even in different tenants – #Lighthouse). So it is actually built with the idea of large scale deplyoments.
It is part of the Governance Toolset of Microsoft, as it can be used to:
filter, group and search for defined resources
explore resource in governance needs
assess impact of policies you are developing
follow up changes that are made to resources (preview)
The Azure Resource Graph can be used directly in the portal or via PowerShell, CLI, or REST.
In the Azure Portal you can find the Resource Graph Explorer. That is a good starting point for our first trials and errors … because you can just use without any preparation of environments, etc.
But how does this actually work …
How does Resource Graph work?!
You may now ask: “What is so special about this?” Searching for resources was always possible via PowerShell and the Azure Resource Manager …
Yes … BUT
One of the main issues we had with the Azure Resource Manager was, that it by default just provided basic information about a resource, like ID, Name, Type. If you wanted to go deeper you had to query the resource provider.
If you think about an easy setup:
10 VMs
10 Managed Disks
1 VNET
1 Azure Firewall
1 Log Analytics Workspace
and you now try to get the following information:
show me every VM where the disk is larger than 100 GB and the VM-Size is D2
search for the system that uses the IP Adress 10.10.10.4
…
Normally you would query different resource providers, or try to get a lot of detail… in a large environment this takes a while, as all resources are asked for detail … now with Azure Resource Graph it is a simple query and it is super fast:
What actually happens with Resource Graph is, that Microsoft pulls an Index of all details of your resources. This index is kept for 14 days, so you can even query for changes that happened over time.
Every time you change a resource in Azure, the Resource Graph is triggered to update its database with the new configuration. Besides this there is a regular “full scan” which is checking on the current status and makes sure that no change was missed.
What is a query and what is KQL?!
A query in Azure Resource Graph is actually the information request that you have to put in in a specific way. If you ever used Log Analytics you may have seen the notation already. Everything is based on the Kusto Query Language (KQL)
When doing a query like:
resources
| where type == "microsoft.network/networkinterfaces"
| where properties.ipConfigurations[0].properties.privateIPAddress == "X"
you are actually following a trail into a table.
There are four tables currently available:
Resources
Resource Containers
AlertsManagementResources
SecurityResources
In those tables all details of the resources are kept … and this is what you can query for:
All queries are done with the RBAC rights of the user executing them. So take care that you at least have a read right to query for the information. If you do not have read permissions you will not get an answer from Resource Graph.
Where to start?!
If you want to start your first own queries … there are some prepared queries from Microsoft:
I love social media and all the channels I follow. So also this topic came into my view out of a LinkedIn post of David das Neves. I had a look into it … and thought I should share it here. Microsoft Learning on GitHub Did you know that there is a number of repositories…
What do you do on May 28th?! Where will you be on May 28th? You don’t know?! Let me tell you: You will be in the Netherlands, in Veenendaal and visit Azure Fest NL 2020 You don’t know what Azure Fest is … in the words of the organizers: Azure Fest NL is a free, single…
So as we know the Azure Networking Basics now, we can focus on the base element in Networking in Azure: Azure VNets Azure Virtual Networks a.k.a. VNets An Azure Virtual Network is the fundamental building block in an Azure environment. It is your private network portion of the azure network. Each VNet is a separated…
If you are an Azure Veteran … what was the first thing you have created in Azure? If you are new to Azure, what are you looking for to create? In many cases the answer is: Virtual Machines An even if you are one of the fancy-new-world-everything-paas-and-serverless gurus … we must be honest and say:…
If you have never heard about Microsoft OpenHack … you should keep on reading. Because this is a unique opportunity for raising the bar of your own skill. So let’s have a closer look on OpenHack What is OpenHack? To say it without my own words: Microsoft OpenHack is a developer focused event where a…
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here:
Cookie Policy
Leave a comment