This document discusses how Azure Resource Graph can be used to efficiently manage Azure subscriptions at scale. It begins with an overview of management challenges at scale and introduces Azure Resource Graph as a solution. Key points covered include:
- Azure Resource Graph allows querying across subscriptions quickly and at scale to gain insights.
- The query syntax is based on Kusto and allows filtering, projecting, extending, and aggregating query results.
- Azure Resource Graph can be accessed via the Azure portal, PowerShell, Azure CLI and other methods.
- Graph queries can be converted to Azure policies using a tool called graph2policy to enforce governance at scale.
Building an Enterprise-Grade Azure Governance ModelKarl Ots
As presented at the CloudBrew 2019 conference in 13.12.2019.
When proper governance model is followed, your Azure application development teams are operating in a secure and compliant Azure environment during design, development and operations. In this "lessons learned" type of session, Karl will will share practical tips on how to build a comprehensive Azure governance model, based on real-life experiences from working with multi-billion dollar corporations.
After this session, you should have a better understanding of Azure governance best practices and in-house team roles & responsibilities. You will also have an overview of the technical fundamentals of a comprehensive Azure Governance.
Building an Enterprise-Grade Azure Governance ModelKarl Ots
As presented at the CloudBrew 2019 conference in 13.12.2019.
When proper governance model is followed, your Azure application development teams are operating in a secure and compliant Azure environment during design, development and operations. In this "lessons learned" type of session, Karl will will share practical tips on how to build a comprehensive Azure governance model, based on real-life experiences from working with multi-billion dollar corporations.
After this session, you should have a better understanding of Azure governance best practices and in-house team roles & responsibilities. You will also have an overview of the technical fundamentals of a comprehensive Azure Governance.
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But where do you begin? This requires a thorough understanding of your shared security responsibilities as well as familiarity with the tools available to address these issues.
AWS Black Belt Online Seminarの最新コンテンツ: https://aws.amazon.com/jp/aws-jp-introduction/#new
過去に開催されたオンラインセミナーのコンテンツ一覧: https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
Microsoft Azure - Introduction to microsoft's public cloudAtanas Gergiminov
Microsoft Azure is Microsoft's application platform for the public cloud. The goal of this presentation is to give you a foundation for understanding the fundamentals of Azure, even if you don't know anything about cloud computing.
AWS Black Belt Online Seminarの最新コンテンツ: https://aws.amazon.com/jp/aws-jp-introduction/#new
過去に開催されたオンラインセミナーのコンテンツ一覧: https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
In this session, AWS will present an overview of the AWS Landing Zone – an automated solution for setting up a robust and flexible AWS environment. Customers can expect to learn how AWS works with customers to accelerate their journey to AWS confidently and securely and how the AWS Landing Zone can be customized to meet each organization’s specific needs.
Presenter: Sadegh Nadimi, Senior Consultant, Global Migrations, AWS
CCI2018 - Automatizzare la creazione di risorse con ARM template e PowerShellwalk2talk srl
Su Azure è possibile creare risorse in maniera veloce e standardizzata tramite template json che descrivono le risorse da creare sulla piattaforma. Vediamo insieme cosa possono fare, e come possono essere estesi con custom script extension e Powershell Desired State Configuration.
By Marco Obinu
Hyperspace: An Indexing Subsystem for Apache SparkDatabricks
At Microsoft, we store datasets (both from internal teams and external customers) ranging from a few GBs to 100s of PBs in our data lake. The scope of analytics on these datasets ranges from traditional batch-style queries (e.g., OLAP) to explorative, ‘finding needle in a haystack’ type of queries (e.g., point-lookups, summarization etc.).
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But where do you begin? This requires a thorough understanding of your shared security responsibilities as well as familiarity with the tools available to address these issues.
AWS Black Belt Online Seminarの最新コンテンツ: https://aws.amazon.com/jp/aws-jp-introduction/#new
過去に開催されたオンラインセミナーのコンテンツ一覧: https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
Microsoft Azure - Introduction to microsoft's public cloudAtanas Gergiminov
Microsoft Azure is Microsoft's application platform for the public cloud. The goal of this presentation is to give you a foundation for understanding the fundamentals of Azure, even if you don't know anything about cloud computing.
AWS Black Belt Online Seminarの最新コンテンツ: https://aws.amazon.com/jp/aws-jp-introduction/#new
過去に開催されたオンラインセミナーのコンテンツ一覧: https://aws.amazon.com/jp/aws-jp-introduction/aws-jp-webinar-service-cut/
In this session, AWS will present an overview of the AWS Landing Zone – an automated solution for setting up a robust and flexible AWS environment. Customers can expect to learn how AWS works with customers to accelerate their journey to AWS confidently and securely and how the AWS Landing Zone can be customized to meet each organization’s specific needs.
Presenter: Sadegh Nadimi, Senior Consultant, Global Migrations, AWS
CCI2018 - Automatizzare la creazione di risorse con ARM template e PowerShellwalk2talk srl
Su Azure è possibile creare risorse in maniera veloce e standardizzata tramite template json che descrivono le risorse da creare sulla piattaforma. Vediamo insieme cosa possono fare, e come possono essere estesi con custom script extension e Powershell Desired State Configuration.
By Marco Obinu
Hyperspace: An Indexing Subsystem for Apache SparkDatabricks
At Microsoft, we store datasets (both from internal teams and external customers) ranging from a few GBs to 100s of PBs in our data lake. The scope of analytics on these datasets ranges from traditional batch-style queries (e.g., OLAP) to explorative, ‘finding needle in a haystack’ type of queries (e.g., point-lookups, summarization etc.).
You use AWS to run your core business – and that’s a great thing. The extreme pace of innovation, the breadth of their service catalog... the opportunity to leverage AWS to the benefit of your business is clear. However, many businesses don’t have a multitude of certified AWS experts on their staff, and that can have a variety of implications ranging from struggling under the burden of day to day operations to not realizing the full benefit of the AWS platform for your spend. In this session, Rackspace will cover what Fanatical Support for AWS is all about – providing a solution to this range of challenges – along with covering relevant customer case studies as to how businesses have leveraged our service to keep their focus on their core business while maximizing the benefit they receive from AWS. Please come join us!
Avere & AWS Enterprise Solution with Special Bundle Pricing OfferAvere Systems
In this webinar, Sabina Joseph, AWS, and Mark Eastman, Avere, discuss the enterprise cloud NAS solution available using Avere FXT Edge Filers and Amazon Cloud Services. Special limited-time bundle pricing is available and will be reviewed at the end.
(BDT209) Launch: Amazon Elasticsearch For Real-Time Data AnalyticsAmazon Web Services
Organizations are collecting an ever-increasing amount of data from numerous sources such as log systems, click streams, and connected devices. Launched in 2009, Elasticsearch —an open-source analytics and search engine— has emerged as a popular tool for real-time analytics and visualization of data. Some of the most common use cases include risk assessment, error detection, and sentiment analysis. However, as data volumes and applications grow, managing Elasticsearch clusters can consume significant IT resources while adding little or no differentiated value to the organization. Amazon Elasticsearch Service (Amazon ES) is a managed service that makes it easy to deploy, operate, and scale Elasticsearch clusters in the AWS Cloud. Amazon ES offers the benefits of a managed service, including cluster provisioning, easy configuration, replication for high availability, scaling options, data durability, security, and node monitoring. This session presents a technical deep dive on Amazon ES. Attendees learn: Common challenges with real-time data analytics and visualization and how to address them; the benefits, reference architecture, and best practices for using Amazon ES; and data ingestion options with Amazon DynamoDB, AWS Lambda, and Amazon Kinesis.
Database Week at the San Francisco Loft: Database Freedom
How AWS can help you unshackle and achieve transformation. Are you operating with old world databases? Discover Database Freedom with AWS.
Speaker: Ramya Kaushik - Database Engineer, DMS/SCT, AWS
15015 SRV318 Serverless Breakout Session Research at PNNL: Powered by AWS Pacific Northwest National Laboratory's rich data sciences capability has produced novel solutions in numerous research areas including image analysis, statistical modeling, and social media (and many more!). See how PNNL software engineers utilize AWS to enable better collaboration between researchers and engineers, and to power the data processing systems required to facilitate this work, with a focus on Lambda, EC2, S3, Apache Nifi and other technologies. Several approaches will be covered including lessons learned. AWS re:Invent 2017, Amazon, Giardinelli, Serverless, SRV318, EC2 11/28/2017 1:00:00 PM Tue Breakout Session
Research at PNNL: Powered by AWS - SRV318 - re:Invent 2017Amazon Web Services
Pacific Northwest National Laboratory's rich data sciences capability has produced novel solutions in numerous research areas including image analysis, statistical modeling, and social media (and many more!). See how PNNL software engineers utilize AWS to enable better collaboration between researchers and engineers, and to power the data processing systems required to facilitate this work, with a focus on Lambda, EC2, S3, Apache Nifi and other technologies. Several approaches will be covered including lessons learned.
Team Nation 2022 - How to choose between Dataverse, SQL Azure, SharePoint lis...serge luca
This is the session MVPs Serge Luca aka Doctor Flow and Isabelle Van Campenhoudt presented at Teams nation 2022. They provide criteria for choosing between Dataverse, Dataverse for Teams, SharePoint lists, SQL Azure.
Azure Identity (AD,ADFS 2.0,AAD,ADB2C,OAuth,OpenID,PingID,AD Custom Policies) ,
Azure PaaS (Azure Functions, Serverless computing, Azure Comsos DB, Webhooks, API Apps, Logic Apps, Kudu, Azure Websites), Azure Functions, Lamda Function, Event Functions, Serverless architecture, Implementing azure functions on GIT HUB comment feature, Why Azure Functions, Azure Virtual Machines, Azure Cloud Services, Azure Web Apps & WebJobs, Service Fabric, Consumption Plans, Billing Model, Benefits of Azure Functions, What is serverless, Implementing bigger solutions into smaller azure functions, Microservices, Use cases, Function App, Implementation storing unstructured data using Azure functions into Cosmos DB, Cosmos DB, Custom Azure functions, Azure Cosmos DB, IOTS, Document DB, Doc DB, How to setup a Jenkins build server and automatically trigger code from Visual studio online,Azure App Service, App service Environment, Azure Stack, Managing Azure App services, Azure Powershell, Azure CLI, REST APIS, Azure Portal, Templates, Kudu Console access, Run GIT Commands on Kudu Console, Locking Azure Resources, Configuring Custom Domains, Adding Extensions to Azure Web App/Websites, App service Deployment options, Data Services in Azure , Azure SQL, Azure SQL server, Azure SQL database vs SQL server in a Azure VM, SQL Tiers, DTU, Data Transactional Unit, Planning & provisioning azure SQL databases,Migrating SQL Databases, Azure SQL Server, SQL server transactional replication, Deploy database to Microsoft Azure Database Wizard, DAC package, DAC, SQL compatibility issues, Migrating SQL with downtime, DMA, Data Migration Assistant, Database Snapshot, Migrating SQL without downtime, DTU, Data Transactional Unit, Recommendations for best performance during SQL Import Process, Transactional Replication, T-SQL, Task to implement what ever you learnt till now,
Analytics on AWS with Amazon Redshift, Amazon QuickSight, and Amazon Machine ...Amazon Web Services
AWS has a large and growing portfolio of big data management and analytics services, designed to be integrated into solution architectures that meet the needs of your business. In this session, we look at analytics through the eyes of a business intelligence analyst, a data scientist, and an application developer, and we explore how to quickly leverage Amazon Redshift, Amazon QuickSight, RStudio, and Amazon Machine Learning to create powerful, yet straightforward, business solutions.
Speaker:
Paul Armstrong, Solutions Architect, Amazon Web Services
Similar to Webinar slides: Getting started with Azure Resource Graph (20)
Webinar: Protect your teams work across office 365ShareGate
With Microsoft Teams and modern SharePoint team sites being created at a record pace, how can you keep all of that content secured, protected, and retained? Microsoft MVP Joanne Klein (@JoanneCKlein) explains.
Webinar: Deploy Microsoft Teams and stay in controlShareGate
In this webinar, Microsoft Regional Director Benjamin Niaulin covers the fundamentals of a successful Microsoft Teams deployment.
Learn tips and tricks to roll out Microsoft's fastest-growing application—all while keeping your tenant tidy and secure.
Webinar: You made the move to Office 365—now what?ShareGate
In this webinar, Benjamin Niaulin explains how to leverage your Office 365 subscriptions to keep pace with the evolving workplace.
It’s not just SharePoint that needs to go from classic to modern—the way our IT departments think about and use technology in the workplace needs to be updated, too.
Everything Your End Users Should Know About OneDrive & OneDrive for BusinessShareGate
In order to help your employees with this transition, it's important to manage change and to find ways of engaging them and encouraging them to use the tool. This slide presentation goes over everything end users should know when using OneDrive for Business and/or OneDrive.
Useful Things End Users Should Know About Office 365 Groups & Team SitesShareGate
Every Office 365 group gets a SharePoint site for collaboration. This SlideShare presents basic information all end users should know about their team sites.
Make sure your employees are aware of these things to improve their experience with document management in the cloud.
[Webinar] SharePoint is About to Skyrocket to the Top... Get Ready!ShareGate
Are you ready for the future of productivity and collaboration? Join Benjamin Niaulin to find out what changes are coming to SharePoint and how they will impact you and your organization.
What is OneDrive for Business and What Does it Do?ShareGate
The core purpose of OneDrive for Business is to offer users a personal storage space for their work. With 1TB of available storage space, combined with the ability to synchronize files offline, it quickly became a major player on the market! Let’s take a detailed look at what it is, and what it does!
The long awaited SharePoint 2016 is finally coming! As Microsoft is expected to release in the Spring of 2016, Benjamin Niaulin, Office Servers & Services MVP at Sharegate, gives us the grand tour of the new SharePoint features!
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
3. • Management at scale in Azure
• What we used to do
• Say hello to Azure Resource Graph
• Query syntax and basics
• ARG in the portal
• ARG outside the portal
• ARG and Azure Policy
• Q&A
Agenda
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
9. Typical script
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
Lookup for all resources of a specific type
• Get subscription list
• Change context for each subscription
• Query
$ErrorActionPreference = 'Stop'
$subcriptions = Get-AzSubscription
$results = $subcriptions | ForEach-Object {
$_ | Set-AzContext | Out-Null
Write-Host ('Scanning subscription {0}' -f $_.Name) -ForegroundColor Green
Get-AzResource -ResourceType 'Microsoft.Storage/storageAccounts'
}
#do something with $results
$results
18. Azure
Resource Graph
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
where operator
Filters to the subset of rows that satisfy a predicate.
https://docs.microsoft.com/en-
us/azure/kusto/query/whereoperator
// all web sites
Resources
| where type =~ "Microsoft.Web/sites"
// all resources not global or canada, excluding networkwatchers and
Microsoft insights types
Resources
| where location !contains 'global' and location !contains 'canada'
| where type !~ 'Microsoft.Network/networkwatchers'
| where type !startswith 'microsoft.insights/'
20. Azure
Resource Graph
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
extend operator
Create calculated columns and append them to the
result set.
https://docs.microsoft.com/en-
us/azure/kusto/query/extendoperator
// all web certificates that expires within 90 days
Resources
| where type =~ "Microsoft.Web/certificates" and
properties.expirationDate <= now(90d)
| extend expirationDate = tostring(properties.expirationDate)
| project subscriptionId, resourceGroup, name, location,
thumbprint = properties.thumbprint, expirationDate,
friendlyName = properties.friendlyName, subjectName =
properties.subjectName
| sort by expirationDate asc
21. Azure
Resource Graph
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
summarize operator
Produces a table that aggregates the content of the
input table.
https://docs.microsoft.com/en-
us/azure/kusto/query/summarizeoperator
// count of all resources by subscription and location
Resources
| summarize count() by subscriptionId, location
// count of storage accounts with HTTP enabled by location
Resources
| where type =~ 'Microsoft.Storage/storageAccounts'
| where properties.supportsHttpsTrafficOnly == 'false'
| summarize count = count() by location
22. Azure
Resource Graph
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
Querying over tags
Use tags.name or tags['name'] construct to query
tags on resources.
https://docs.microsoft.com/en-
us/azure/kusto/query/extendoperator
// return all resources with the value 'production' in the
'environment' tag
Resources
| where tags['environment'] =~ 'production'
| project subscriptionId, resourceGroup, name, tags
// return all resources where the tag 'environment' is not present
Resources
| where isempty(tags['environment'])
| project subscriptionId, resourceGroup, name, tags
27. PowerShell
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
How to use Azure Resource Graph in PowerShell
• Install Az modules
• Install Az.ResourceGraph module
• Use Search-AzGraph cmdlet
$pageSize = 100
$iteration = 0
$searchParams = @{
Query = 'where type =~ "Microsoft.Network/applicationGateways" | project id, subscriptionId, subscriptionDisplayName
, resourceGroup, name, sslCertificates = properties.sslCertificates | order by id'
First = $pageSize
Include = 'displayNames'
}
$results = do {
$iteration += 1
Write-Verbose "Iteration #$iteration"
$pageResults = Search-AzGraph @searchParams
$searchParams.Skip += $pageResults.Count
$pageResults
Write-Verbose $pageResults.Count
} while ($pageResults.Count -eq $pageSize)
28. Azure CLI
Theeasiest,mostefficientwaytomanageAzuresubscriptionsatscale
How to use Azure Resource Graph in Azure CLI
• Install Azure CLI
• Install resource-graph extension
• Use az graph query
// Request a subset of results, skipping 20 items and getting the next 10.
az graph query -q "where type =~ "Microsoft.Compute" | project name, tags" --first 10 --
skip 20
// Choose subscriptions to query.
az graph query -q "where type =~ "Microsoft.Compute" | project name, tags" –subscriptions
11111111-1111-1111-1111-111111111111, 22222222-2222-2222-2222-222222222222
Without the right tools, it can get messy pretty quickly
If you don’t have visibility and control over what is happening in your environments, things will get like this at some point
* Register the Newsletter for upcoming webinars around Azure Governance
MG:
• Highest assignation level
• Can have none, one or many subscriptions
• Enable assignation at MG level of:
Role Based Access Control (RBAC)
Azure Policy
Cost Management
Azure Security Center
And more
Policy:
Enable you to set strict rules over what resources and types people can create
Audit your environments for compliance
Take remediation if resources are non-compliant
Azure Resource Manager without the help of ARG currently supports queries over basic resource fields,
specifically - Resource name, ID, Type, Resource Group, Subscription, and Location.
Resource Manager also provides facilities for calling individual resource providers for detailed properties one resource at a time.
You can make it work, but it is not a fun job and requires you to go over each subscriptions one at a time and do your queries
It is not fun with 10 subscription, just imagine over 100s or 1000s of subscriptions
Azure Resource Graph is a service in Azure that is designed to extend Azure Resource Management by providing
efficient and performant resource exploration with the ability to query at scale across a given set of subscriptions
so that you can effectively govern your environment.
Azure Resource Graph powers Azure portal's search bar, the new browse 'All resources' experience, and Azure Policy's Change history visual diff. It's designed to help customers manage large-scale environments.
Ability to query resources with complex filtering, grouping, and sorting by resource properties.
Ability to iteratively explore resources based on governance requirements.
Ability to assess the impact of applying policies in a vast cloud environment.
Ability to detail changes made to resource properties (preview).
Access the properties returned by resource providers without needing to make individual calls to each resource provider.
View the last 14 days of change history made to the resource to see what properties changed and when. (preview)
It's important to understand that Azure Resource Graph's query language is based on the Kusto query language used by Azure Data Explorer.
Resource Graph supports all KQL data types, scalar functions, scalar operators, and aggregation functions. Specific tabular operators are supported by Resource Graph, some of which have different behaviors.
Azure Data Explorer capabilities is the backend of other services built on its powerful query language, including Azure Monitor logs, Application Insights, Time Series Insights, and Windows Defender Advanced Threat Protection.
NOTE: When limiting the join results with project, the property used by join to relate the two tables, subscriptionId in the above example, must be included in project.
Schema browser
visualization - charts
pin query visualization to dashboard
Get queries from github repository – vm without managed disks
Create dynamically query with restriction to : subscriptionId == '0eb8caba-9df3-4cdc-b951-a28f58890ab9'