steampipe plugin install azure

Table: azure_management_group - Query Azure Management Groups using SQL

Azure Management Groups offer a level of scope above subscriptions. They provide a hierarchical structure for unified policy and access management across multiple Azure subscriptions. Management groups allow you to organize subscriptions into containers called "management groups" and apply your governance conditions to the management groups.

Table Usage Guide

The azure_management_group table provides insights into Management Groups within Azure. As a system administrator or a DevOps engineer, explore group-specific details through this table, including group hierarchy, subscription associations, and associated metadata. Utilize it to uncover information about groups, such as their structure, the subscriptions they contain, and the policies applied to them.

Important notes:

  • You need to have at least read access to the specific management group to query this table.

Examples

Basic info

Explore the management groups within your Azure environment to understand their types and the tenants they belong to. This can help in identifying who last updated these groups, aiding in accountability and tracking changes.

select
id,
name,
type,
tenant_id,
updated_by
from
azure_management_group;
select
id,
name,
type,
tenant_id,
updated_by
from
azure_management_group;

List children for management groups

Explore the updated information of Azure Management Groups, including the associated children groups. This is useful for understanding the hierarchical structure and changes made within your Azure Management Groups.

select
name,
updated_by,
jsonb_pretty(children) as children
from
azure_management_group;
select
name,
updated_by,
children
from
azure_management_group;

List parent details for management groups

Explore which management groups in Azure have been recently modified and by whom. This can provide insights into changes in the organizational structure and help maintain accountability.

select
name,
updated_by,
jsonb_pretty(parent) as parent
from
azure_management_group;
select
name,
updated_by,
parent
from
azure_management_group;

Schema for azure_management_group

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
childrenjsonbThe list of children of the management group.
display_nametextThe friendly name of the management group.
idtextThe fully qualified ID for the management group.
nametext=The name of the management group.
parentjsonbThe associated parent management group.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
tenant_idtextThe AAD Tenant ID associated with the management group.
titletextTitle of the resource.
typetextThe type of the management group.
updated_bytextThe identity of the principal or process that updated the management group.
updated_timetimestamp with time zoneThe date and time when this management group was last updated.
versiondouble precisionThe version number of the management group.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azure

You can pass the configuration to the command with the --config argument:

steampipe_export_azure --config '<your_config>' azure_management_group