cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Azure Resource Graph Explorer for Microsoft.Web resources
By
kalvp
Published Apr 17 2023 11:48 PM 7,498 Views
kalvp
Microsoft
‎Apr 17 2023 11:48 PM

Azure Resource Graph Explorer for Microsoft.Web resources

‎Apr 17 2023 11:48 PM

Azure Resource Graph

 

Azure Resource Graph is an Azure service designed to extend Azure Resource Management by providing efficient and performant resource exploration with the ability to query at scale across a given set of subscriptions so that you can effectively govern your environment.

These queries provide the following abilities:

  • Query resources with complex filtering, grouping, and sorting by resource properties.
  • Explore resources iteratively based on governance requirements.
  • Assess the impact of applying policies in a vast cloud environment.
  • Query changes made to resource properties (preview).

Below are few resource types supported by Azure Resource Graph:

 

  • Microsoft.web/apimanagementaccounts
  • Microsoft.web/apimanagementaccounts/apis
  • Microsoft.web/certificates
  • Microsoft.Web/connectionGateways (On-premises Data Gateways)
  • Microsoft.Web/connections (API Connections)
  • Microsoft.Web/customApis (Logic Apps Custom Connector)
  • Microsoft.Web/HostingEnvironments (App Service Environments)
  • Microsoft.Web/KubeEnvironments (App Service Kubernetes Environments)
  • Microsoft.Web/serverFarms (App Service plans)
  • Microsoft.Web/sites (App Services)
  • Microsoft.web/sites/premieraddons
  • Microsoft.Web/sites/slots (App Service (Slots))
  • Microsoft.Web/StaticSites (Static Web Apps)
  • Microsoft.Web/WorkerApps (Container Apps)

How to Explore Azure Graph Explorer on Azure portal:

 

Go to Azure Portal > Search for Resource Graph 

Use Resource Graph Explorer for executing the queries.

 

kalvp_25-1681796231709.png

 

Access Resource explorer directly from Resource Group

 

kalvp_36-1681797584363.png

 

To list all sites across all subscriptions and resources groups:

 

resources

| where type == "microsoft.web/sites"

 

kalvp_26-1681796307797.png

 

To view all your sites that are located in West US:

 

resources

| where type == "microsoft.web/sites"

| where location == "westus"

 

List all your apps by specific property

To view all your running sites, you can drill into the “properties” object: List all your apps by specific property

 

resources
| where type == "microsoft.web/sites"
| where properties.state == "Running"

 

List Apps based on Stack

You can drill into properties object for getting stack used by the app, below is the sample query for Python 3.6

 

resources
| where type == 'microsoft.web/sites'
| where subscriptionId =~ '<SubIdHere>'
| where properties.siteProperties.properties contains "Python|3.6"

 

To get sites count by region:

 

resources
| where type == "microsoft.web/sites"
| summarize count() by location

kalvp_27-1681796599681.png

 

 

Quickly Discover any expiring certificates for Azure App Services using azure graph queries

We can make use of Azure Resource Graph to make cross-subscription queries to see if I have any upcoming expiring certificates.

To learn more on Azure Graph Queries, click here.

 

Get all web app certificates

This will get you a list of all the app service certificates you have in your subscription(s).

 

resources

| where type == "microsoft.web/certificates"

 

kalvp_28-1681796748191.png

 

To simplify the overview, we can limit the properties we return:

 

resources

| where type == "microsoft.web/certificates"

| project resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

 

kalvp_30-1681796880652.png

 

Get the Expiration Date of certificates:

 

resources

| where type == "microsoft.web/certificates"

| extend ExpirationDate = todatetime(properties.expirationDate)

| project ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

| order by ExpirationDate asc           

                             

kalvp_31-1681796928111.png

 

Get the number of days until expiration:

 

resources

| where type == "microsoft.web/certificates"

| extend ExpirationDate = todatetime(properties.expirationDate)

| extend DaysUntilExpiration = datetime_diff("day", ExpirationDate, now())

| project DaysUntilExpiration, ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer

| where ExpirationDate < now() + 60d

| order by DaysUntilExpiration

 

kalvp_32-1681796987047.png

 

Group by month for easy visualization:

 

resources

| where type == "microsoft.web/certificates"

| extend ExpirationDate = todatetime(properties.expirationDate)

| extend ExpirationYear = getyear(ExpirationDate)

| extend ExpirationMonth = format_datetime(ExpirationDate, 'yyyy-MM')

| extend DaysUntilExpiration = datetime_diff("day", ExpirationDate, now())

| summarize count() by ExpirationMonth

| order by ExpirationMonth asc

 

You can also pin these results, and visualizations, to your Azure Dashboards(Private/Shared).

 

kalvp_33-1681797056410.png

Use Get Started view for more queries available by default:

 

kalvp_34-1681797082238.png

 

To know more abput Azure resource graph queries, please refer here.

 

Please feel free to comment for any queries!

 

 

 

 

0 Likes
Like
Co-Authors
Version history
Last update:
‎May 08 2023 03:22 AM
Updated by:
Labels