Azure Resource Graph

Azure Resource Graph is a resource exploration service that gives full visibility of the resources across all subscriptions and management groups. Let's understand the need for Azure Resource Graph with an example: suppose we want to know the number of resources in all locations across all subscriptions. The Azure CLI command below gives the result.

az graph query -q "summarize count ()"

One could say that the same can be achieved simply by clicking 'All resources' in the Azure portal, so why use this Resource Graph command? Exactly: the Azure portal uses Resource Graph behind the scenes to give this experience. Now we can have that experience at scale for our own resources. Let's twist the previous example a little: we want to see the count of resources by location. Without Resource Graph, we would have to write a script, and before that we would need to understand the Resource Manager (RM) model and the different versions of RM, and there is still a chance of not getting the expected result because of RM throttling. With Resource Graph it is as simple as below.

az graph query -q "summarize count () by location"

By now you may have the impression that Resource Graph uses a query language and that we have to use either Azure CLI or Azure PowerShell to experience its power. To understand the Azure Resource Graph query language click here. Here are a few starter Resource Graph queries from where you can start. Another use of Resource Graph is, for instance, policy impact analysis. We will cover this in another post.

In this post, we are going to use Azure CLI to demonstrate a few examples, assuming you already know how to install Azure CLI and connect with it. We first need to install the Azure Resource Graph extension to run Resource Graph commands, as below.

az extension add --name resource-graph

Example 1: Count all the resources among all subscriptions in your environment.

az graph query -q "summarize count ()"

The above command shows that there is a total of nine resources in the environment.

Example 2: Count all the resources by location in your environment.

az graph query -q "summarize count () by location"

Here, we can see West Europe has 15 resources, global has 1 resource, and North Europe has 1 resource.

Example 3: Count all the resources by type

az graph query -q "summarize count () by type"

Here, we get the resource count by type, such as storage accounts, alert rules, server farms, sites, and DNS zones.

Example 4: Count all the Linux VMs having OS version 18.04. This type of query is very helpful in a scenario like 'we came to know there is a vulnerability in a specific OS version and we need to know how many VMs we have with that vulnerability'.

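# Filter on OS type and image SKU before counting. Grouping "by OS = 'Linux'" only labels the result and counts every VM.
# Assumption: the OS version appears in the image SKU (for example '18.04-LTS'), which is set for marketplace images only.
az graph query -q "Resources | where type =~ 'microsoft.compute/virtualmachines' | where tostring(properties.storageProfile.osDisk.osType) =~ 'Linux' | where tostring(properties.storageProfile.imageReference.sku) contains '18.04' | summarize count()" --output table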

Here, we can see there are two Linux version 18.04 VMs in the environment.
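The vulnerability-inventory scenario from Example 4, generalized to any OS type and version and broken down by subscription and location, as an added example that is not part of the original post. The function names are hypothetical, and it assumes the OS version appears in `properties.storageProfile.imageReference.sku`, which is populated for marketplace images but not for custom images.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Function names are hypothetical.

# Return 0 only if the value is non-empty and contains no character that
# could close or escape a KQL string literal (quotes, pipes, spaces, ...).
is_safe_kql_value() {
  case "$1" in
    ''|*[!A-Za-z0-9._-]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Print a Resource Graph query that counts VMs of one OS type whose image SKU
# contains the given version string, grouped by subscription and location.
# Assumption: the version is visible in imageReference.sku (e.g. '18.04-LTS'),
# so VMs built from custom images are not matched.
build_vm_os_query() {
  is_safe_kql_value "$1" && is_safe_kql_value "$2" || return 1
  printf "Resources | where type =~ 'microsoft.compute/virtualmachines'"
  printf " | where tostring(properties.storageProfile.osDisk.osType) =~ '%s'" "$1"
  printf " | where tostring(properties.storageProfile.imageReference.sku) contains '%s'" "$2"
  printf " | summarize vmCount = count() by subscriptionId, location"
  printf " | order by vmCount desc"
}

# Run the query with Azure CLI (needs 'az login' and the resource-graph extension).
count_vms_by_os() {
  query=$(build_vm_os_query "$1" "$2") || { echo "rejected input: $1 $2" >&2; return 2; }
  az graph query -q "$query" --output table
}

# Only call Azure when invoked with both arguments,
# e.g.: ./count_vms.sh Linux 18.04
if [ "$#" -eq 2 ]; then
  count_vms_by_os "$1" "$2"
fi
```

Because the OS type and version are checked before they are placed inside the quoted KQL literals, a value containing a quote or pipe is rejected instead of changing the query.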

In this post, we have only discussed the 'count' operation. There are many other operations, as below, which give a wide range of results depending on the scenario and requirements.

Refer to the hyperlinks above to learn about the other operations; they lead to the official Microsoft documentation.