I wanted to create a report that should contain all the Azure Private Endpoints and to which specific resource type it is attached to. Is there a command-line way to figure this out? so that I can add them in my scripting to make the report?
If by "attached to", you're referring to the service connection, you can try:
az network private-endpoint list |
ConvertFrom-Json |
Select -Expand privateLinkServiceConnections
in which the privateLinkServiceId would contain the resource ID, which might contain the type you're looking for.
Related
I'm trying to figure out when a Linked Service was added to a Data Factory instance.
We capture all logs and metrics in Log Analytics but so far nothing seems to show when a Linked Service was created.
The closest I've got is querying the Azure Activity table for this ADF querying for Linked Services/Write and the specific Linked service as shown below:
| where OperationNameValue == "MICROSOFT.DATAFACTORY/FACTORIES/LINKEDSERVICES/WRITE
| where Properties contains "Name of my link service"
This is not telling me the info I need, which is to know when this linked service was created. Doing a distinct search on the OperationNameValue does not yield anything else related to Linked Services. Perhaps the data I'm looking for is somewhere else?
Thanks for any help you may provide.
To test this, I have created a ADF, linked service with blob storage and exported the activity logs to one of the log analytics workspaces.
Using the below KQL query I am able to pull the linked service creation time and followed by the caller who has created it.
AzureActivity
| where OperationNameValue contains "MICROSOFT.DATAFACTORY/FACTORIES/LINKEDSERVICES/WRITE" and ActivityStatusValue contains "Success"
| extend linkedservicename=tostring(Properties_d["resource"])
| where linkedservicename contains "<pass specific linked servicename>"
| project EventSubmissionTimestamp,_ResourceId,Caller
Here is the sample output for reference:
Alternatively, you can use the below PowerShell cmdlet as well to pull creation time of linked service.
Get-AzActivityLog -StartTime (get-date).AddDays(-90) -EndTime (get-date)| Where-Object {$_.Authorization.Action -like "MICROSOFT.DATAFACTORY/FACTORIES/LINKEDSERVICES/WRITE" -and $_.Status -like "Succeeded" } | Select EventTimestamp,SubmissionTimestamp,Caller,ResourceId| ConvertTo-Json
Here is the sample output of reference:
I have a resource group with some functions apps and an Azure Monitor Workbook.
In this workbook I want to list all apps.
How to do this? I only managed to get all apps in the subscription, which is too much.
First I created a Parameter to get the correct resource group:
resourcecontainers
| where type =~ "microsoft.resources/subscriptions/resourcegroups"
| where name startswith "foo"
| project name
And then a Parameter with the applications:
resources
| where type == "microsoft.web/sites"
| where resourceGroup == "{ResourceGroup}"
This is working, but I want to get rid of the hardcoded part in the ResourceGroup Parameter: foo
I'm looking for something like this:
resources
| where type == "microsoft.web/sites"
| where resourceGroup == "{_CurrentResourceGroup}"
there's no "built-in" parameters like that. is the workbook saved "linked" to a specific resource or is it saved to a place like "Azure Monitor" that isn't a full resource.
if it is saved linked to a real resource, you can get that "owning" resource as a parameter by creating a resource parameter with the "owning resource" option:
That parameter would always be the value of the resource that the workbook is linked to. you could then use to get the resource group/resource info. like {linkedToResource:resourceGroup} or {linkedToResource:subscriptionId} or whatever?
why is this not available as a thing in a workbook?
because the workbook might not be saved (it could be temporary thing you just started and never saved, it could be a template, etc) and until it is saved the workbook itself doesn't have a resource id, so it doesn't belong to a resource group.
I'm trying to use Get-AzAdvisorRecommendation command for automatic sending of emails to users, that appear in Advisor's alerts. Issue being, that Get-AzAdvisorRecommendation command does not show the actual description of the recommendation, like "Right-size or shutdown underutilized virtual machines" in the output. It only gives vague information like "ShortDescription: Microsoft.Azure.Commands.Advisor.Cmdlets.Models.PsRecommendationBaseShortDescription" and RecommendationTypeID.
Azure CLI "az advisor recommendation list" command does provide the information under "shortDescription" value. Is there any way to get the same information using Get-AzAdvisorRecommendation command?
Indeed. ShortDescription is returned in the response as a nested property. You can access it as follows:
Get-AzAdvisorRecommendation | Select-Object RecommendationTypeId, #{Name="ShortDescription"; Expression={$_.ShortDescription.Problem}}
Include (select) other properties as needed.
I am preparing a script, and I need the get a specific ID of a resources, I tried to use get-azurermresource but it gives me only value like - ResourceId. For me this is not an unique ID of this resorce because when we remove resource and re-create it with the same name mentioned ResourceId will be the same. I am able to get this unique ID in case of Azure VM, using cmd-let --> GetAzVM, I got --> VmId : 604f7764-7ffe-4be0-b313-81ca9deda5ad. But what about the rest of the resources? is there any method to get mentioned "unique ID" for other resources?
As far as the Azure platform is concerned, the ResourceID is the uniqueID. It contains the subscriptionId, and the name of the resource. While you are correct, if you delete a resource and create another of the same name in the same subscription it will have the same ResourceID, it still uniquely identifies that created resource at that time.
The VmId is an outlier that is used to uniquely identify not only that VM, but that VM across other VM deployments that might be created, deleted, and recreated. This is useful for things like licensing because it's set at the SMBIOS level and can't be changed. Most, if not all, other resource types don't have this type of identifier.
If you want something that will identify a resource across different deployment instances, that may be harder to do with information direct from the platform. You might have to handle that on your own. Tags might be an option depending on what you are trying to accomplish.
To get a truly unique ID you will need to incorporate your subscriptionID along with ResourceGroupName and Provider. That is how we do it on our backend. For example, a VM disk's ResourceID for the service fabric would look something like this (get-azurermresource will show this):
/subscriptions/a4cd20a0-af7c-4278-8875-dc54076450f8/resourceGroups/MY-ResourceGroup/providers/Microsoft.Compute/disks/my_dev_disk00455
I want to get ahold of the diagnostic settings for all network security groups. I was hoping the powershell cmdlet Find-AzureRmResource would work, but it seems like you can't search for sub-resources on sub-providers without specifying the parent resource.
I would have hoped something like this would work:
Find-AzureRmResource -ResourceType Microsoft.Network/networkSecurityGroups -ExtensionResourceType Microsoft.Insights/diagnosticSettings
However, this just returns the network security groups, and I think it is completely ignoring the ExtensionResourceType parameter. Here is an example of a resource ID for the diagnostic settings on an NSG:
/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/Microsoft.Network/networkSecurityGroups/{nsg-name}/providers/microsoft.insights/diagnosticSettings/service
I noticed that the Find-AzureRmResource cmdlet has an -ODataQuery parameter, so I wonder if I could get it to work if I knew what to pass to this parameter?
I did find that I can get the equivalent list like this, but it is really slow (when you have hundreds of NGSs) because it queries the diagnostic settings individually instead of returning them all in one shot:
Find-AzureRmResource -ResourceType Microsoft.Network/networkSecurityGroups | Get-AzureRmDiagnosticSetting
There is no single API call to retrieve all the diagnostic settings on all NSGs. If you have all the ARM resource ids for all NSGs, you will need to make multiple calls to Get-AzureRmDiagnosticSetting.
https://learn.microsoft.com/en-us/powershell/resourcemanager/azurerm.insights/v2.2.0/get-azurermdiagnosticsetting