Azure Governance
Azure Governance is a portfolio of platform capabilities that helps customers address the need for control at scale without sacrificing developer agility. This includes services like Azure Policy, Azure Blueprints, Azure Resource Graph & Management Groups.
More details about the services are available in the Azure Governance documentation. If you have a technical issue, please open a post on the developer forums through Stack Overflow.
Products that we listen to in this space include: Azure Policy, Azure Blueprints, Azure Resource Graph, Azure Subscriptions and Azure Management Groups
-
Visualize Resource Graph in PowerBI
I can today make querys and export to visualize in Power BI. It would be nice to somehow easier connect from Power BI to Resource Graph to visualize Resources.
75 votes -
Ability to query for role assignments in Azure Resource Graph
Please add support for listing all role assignments
Resource Type: Microsoft.Authorization/roleAssignments
https://docs.microsoft.com/en-us/azure/templates/microsoft.authorization/2017-09-01/roleAssignments
59 votesWe’d appreciate your feedback and input via this survey: https://forms.office.com/r/jEKM44h4sN
-
Ability to query SQL Server firewall rules
Please add support for type :
Microsoft.Sql/servers/firewallRules
30 votes -
Resource Graph - support for type microsoft.web/sites/config
support type 'microsoft.web/sites/config' to get the all the data nodes under config type
29 votes -
Store resource changes for more than 14 days
Ability to store Azure resource changes for more than 14 days
23 votes -
Resource Graph type for Management Groups
Add Management Groups as a resource type for Resource Graph. This would allow for writing queries that target subscriptions that are in a specific Management Group. This is extremely helpful for enterprises that have a lot of subscriptions that are being organized with Management Groups.
22 votesWe’ve started work on adding MG as a type in the ResourceContainers table. You also have the option to pass in your management group IDs as the scope in the request body to Azure Resource Graph.
-
Support querying of deleted resources via the Azure Resource Graph
It would be useful if you could query for deleted resources via the ARG. For example:
where deleted == true22 votesThanks for the feedback. We’ll review this ask, and meanwhile, any additional votes will be used to better understand the priority.
-
Query Policy Exemptions in Resource Graph
Either from the Resources table or from the PolicyResources table, get a list will all the metadata for exemptions. Something like:
policyresources
| where type == "microsoft.policyinsights/policyexemptions"20 votes -
Azure Monitor Diagnostic Settings via Resource Graph
Hi would like to verify/visualize via Resource Graph that all my NSGs have enabled logging via Azure Monitor. Currently, this is only possible for NSG flow logs via Traffic Manager, however, to get all necessary entries, logging needs to be enabled via Azure Monitor Diagnostics too.
So please, add support for querying Azure Monitor Diagnostic settings via Azure Resource Graph.
13 votes -
Azure Storage File share available in resource graph
Right now, the file share information of a storage account is not available in the resource graph.
ie. it would allow to list the file share of a subscription, compute the global storage size or simulate the pricing.11 votesCurrently our priorities are on control plane collective GETs. File share GETs are at the storage account data plane request scope, which is out of scope for the near future. We will reach out and provide an update when this is our priority / we start work on this feature.
-
PIM add support in the Graph API to query Azure resources roles audit logs.
We can query Azure AD roles in PIM for our conformity report but have to log-in to the portal manually for PIM roles on Azure Resource.
Works for PowerBI Admin Roles but not for "Contributor" role in Subscription X.
11 votesHi!
Can you please provide more details on what your scenario is here? Specifically, how you’re expecting AAD results and how this ties into PowerBI.
Best,
ARG PMs -
Include core counts for VMs for the purpose of cross-joins with other data
It would be great to have some of other meta data exposed within Resource Graph. More specifically a way to get the number of cores that a VM size has. This would be valuable for queries to show the total number of cores that are used. Right now, we have to export out the results of the Resource Graph and convert the VM SKU to the number of cores outside of Resource Graph. Having it within the Resource Graph would allow us to do joins within our queries to get a single report with all of the information that we…
10 votes -
Ability to query budget and forecast in Azure Resource Graph
Please add the ability to query budget and forecast in Azure Resource Graph. This will allow the creation of dynamic and filterable cost management dashboards
9 votes -
Grafana plugin for Resource Graph
We love the Grafana plugins for Log Analytics, Appinsights, ADE. Can we see a plugin for Azure Resource Graph next?
8 votesYou can use Resource Graph Explorer in the Azure Portal to do queries and save and pin to your Azure dashboard. Would this serve your scenario.
-
Support history for resources
For scenarios where we need the resources to be synced into an external store, we want the history so that I don't need to scan all the resources again.
8 votesWould you be able to further explain your scenarios? Are you looking for snapshots of your resources at different times, or are you looking to track changes made to the resources?
-
Access Resource Graph through Kusto.Explorer
It would be great to access Azure Resource Graph through our normal tooling of Kusto.Explorer to enable our normal workflows, and storage of queries through our normal Git repositories.
7 votes -
Add Evaulaute and Bag_Unpack()
Adding the Evaluate plugin operator to Azure Resource graph would allow more options with ARG queries. Including pivot, narrow and in particular bag_unpack
bagunpack would be very valuable to have in ARG because of all the nested JSON fields. Using bagunpack would allow you to unpack a nested field which would put all the key value pairs in that nested field as their own colums instead of nested inside one column thats a dynamic type.
7 votes -
Resource Graph - support for Microsoft.Web/sites/networkConfig
In order to access network info about appservice plans/webapp/functions access to Microsoft.Web/sites/networkConfig throught Resource Graph would be useful
6 votes -
I'd like to leverage the resource graph explorer tool to be able to analyse cost and expenditures.
I want to be able to create graphs that show details on cost and expenditures.
how much are resources X costing me, if i make these changes how will that price change, so on and so on .6 votes -
Ability to query for DNS Zones CNAME type in Azure Resource Graph
I am able to filter out resources by provider (e.g., 'Microsoft.Network') and higher-level types (e.g., 'Microsoft.Network/dnszones'). However, not all resource types are supported by Resource Graph. For example, DNS Zone record types aren't supported. I would like to get a response for a query like this one:
az graph query -q "where type =~ 'microsoft.network/dnszones/cname'"
6 votes
- Don't see your idea?