Run Azure Resource Graph queries using Azure CLI
To end this series of articles about Azure Resource Graph. In this last article, I want to show you how to use this service to make inquiries and explore resources with the Azure CLI. Requirements:
- This tutorial assumes that you already have a Microsoft Azure account set up.
- Add the Azure Resource Graph extension to your Azure CLI environment, check out this link.
Azure CLI Workaround #
You can use it in your browser with Azure Cloud Shell or install it on your machine. If you want to know how to install the Azure CLI, check out this link. The way to get started is to sign in interactively at the command line.
az login
This command will bring up a dialog box prompting you for your email address and password associated with your Azure account. If you have more than one subscription associated with your mail account, you can choose the default subscription. to perform this task, we will use the following commands:
az account list
az account set \
--subscription "Subscription Name"
Once you set your default subscription, you’re ready to start.
Azure Resource Graph queries #
To Run an Azure Resource Graph query, you should use the graph extension and query command with the following syntax. The following query returns the number of Azure resources that exist in the subscriptions to which you have access.
az graph query \
-q "summarize count()" \
-o table
We can modify the previous query to obtain the number of resources by type of resources. Important: Certain keys are filtered out and not printed in the table view. These keys are id, type, and tag. To see these values, you can change the key name in a multi-select hash.
az graph query \
-q "summarize count() by type" \
--query "[].{Type:type,Count:count_}" \
-o table
We can also list all the resources of our subscription, using the following query.
az graph query \
-q "project name, type" \
--query "[].{Name:name, Type:type}" \
-o table
Now that we know the types of resources that exist in our subscription, I will use one of them to make the queries, in my case I will use the virtual machines as an example of this guide. This query returns the name and resource group properties of type resources: microsoft.compute/virtualmachines
az graph query \
-q "where type =~ 'microsoft.compute/virtualmachines' | project name, resourceGroup" \
-o table
Here is another variant of the same type of query
az graph query \
-q "where type =~ 'microsoft.compute/virtualmachines' | project name, location, tags" \
--query "[].{Name:name, Location:location, Tags:tags.OS}" \
-o table
We can also add tabular operators to our queries, check out this link. In this case, I will use the count operator.
az graph query \
-q "where type =~ 'microsoft.compute/virtualmachines' | project name | count" \
-o table
In the following query, I will use the summarize operator.
az graph query \
-q "where type =~ 'microsoft.compute/virtualmachines' | project name, location | summarize count() by location" \
-o table
This query searches for virtual machines that match a regular expression (known as regex). Regex @ matches allow us to define the regular expression to match string or characters group.
az graph query \
-q "where type =~ 'microsoft.compute/virtualmachines' and name matches regex @'DEMO'| project name, location |order by name asc" \
-o table"
I hope you find this guide useful for you and share it with the community. If you want to know more about the Azure Resource Graph query language, check out this link: https://docs.microsoft.com/en-us/azure/governance/resource-graph/concepts/query-language