azure_ad_groupazure_ad_service_principalazure_ad_userazure_alert_managementazure_api_managementazure_api_management_backendazure_app_configurationazure_app_service_environmentazure_app_service_function_appazure_app_service_planazure_app_service_web_appazure_app_service_web_app_slotazure_application_gatewayazure_application_insightazure_application_security_groupazure_automation_accountazure_automation_variableazure_backup_policyazure_bastion_hostazure_batch_accountazure_cdn_frontdoor_profileazure_cognitive_accountazure_compute_availability_setazure_compute_diskazure_compute_disk_accessazure_compute_disk_encryption_setazure_compute_disk_metric_read_opsazure_compute_disk_metric_read_ops_dailyazure_compute_disk_metric_read_ops_hourlyazure_compute_disk_metric_write_opsazure_compute_disk_metric_write_ops_dailyazure_compute_disk_metric_write_ops_hourlyazure_compute_imageazure_compute_resource_skuazure_compute_snapshotazure_compute_ssh_keyazure_compute_virtual_machineazure_compute_virtual_machine_metric_available_memoryazure_compute_virtual_machine_metric_available_memory_dailyazure_compute_virtual_machine_metric_available_memory_hourlyazure_compute_virtual_machine_metric_cpu_utilizationazure_compute_virtual_machine_metric_cpu_utilization_dailyazure_compute_virtual_machine_metric_cpu_utilization_hourlyazure_compute_virtual_machine_scale_setazure_compute_virtual_machine_scale_set_network_interfaceazure_compute_virtual_machine_scale_set_vmazure_consumption_usageazure_container_groupazure_container_registryazure_cosmosdb_accountazure_cosmosdb_mongo_collectionazure_cosmosdb_mongo_databaseazure_cosmosdb_restorable_database_accountazure_cosmosdb_sql_databaseazure_data_factoryazure_data_factory_datasetazure_data_factory_pipelineazure_data_lake_analytics_accountazure_data_lake_storeazure_data_protection_backup_jobazure_data_protection_backup_vaultazure_databox_edge_deviceazure_databricks_workspaceazure_diagnostic_settingazure_dns_zoneazure_eventgrid_domainazure_eventgrid_topicazure_eventhub_namespaceazure_express_route_circuitazure_firewallazure_firewall_policyazure_frontdoorazure_hdinsight_clusterazure_healthcare_serviceazure_hpc_cacheazure_hybrid_compute_machineazure_hybrid_kubernetes_connected_clusterazure_iothubazure_iothub_dpsazure_key_vaultazure_key_vault_certificateazure_key_vault_deleted_vaultazure_key_vault_keyazure_key_vault_key_versionazure_key_vault_managed_hardware_security_moduleazure_key_vault_secretazure_kubernetes_clusterazure_kubernetes_service_versionazure_kusto_clusterazure_lbazure_lb_backend_address_poolazure_lb_nat_ruleazure_lb_outbound_ruleazure_lb_probeazure_lb_ruleazure_lighthouse_assignmentazure_lighthouse_definitionazure_locationazure_log_alertazure_log_analytics_workspaceazure_log_profileazure_logic_app_workflowazure_machine_learning_workspaceazure_maintenance_configurationazure_management_groupazure_management_lockazure_mariadb_serverazure_monitor_activity_log_eventazure_monitor_log_profileazure_mssql_elasticpoolazure_mssql_managed_instanceazure_mssql_virtual_machineazure_mysql_flexible_serverazure_mysql_serverazure_nat_gatewayazure_network_interfaceazure_network_security_groupazure_network_watcherazure_network_watcher_flow_logazure_policy_assignmentazure_policy_definitionazure_postgresql_flexible_serverazure_postgresql_serverazure_private_dns_zoneazure_private_endpointazure_providerazure_public_ipazure_recovery_services_backup_jobazure_recovery_services_vaultazure_redis_cacheazure_resourceazure_resource_groupazure_resource_linkazure_role_assignmentazure_role_definitionazure_route_tableazure_search_serviceazure_security_center_auto_provisioningazure_security_center_automationazure_security_center_contactazure_security_center_jit_network_access_policyazure_security_center_settingazure_security_center_sub_assessmentazure_security_center_subscription_pricingazure_service_fabric_clusterazure_servicebus_namespaceazure_signalr_serviceazure_spring_cloud_serviceazure_sql_databaseazure_sql_serverazure_storage_accountazure_storage_blobazure_storage_blob_serviceazure_storage_containerazure_storage_queueazure_storage_share_fileazure_storage_syncazure_storage_tableazure_storage_table_serviceazure_stream_analytics_jobazure_subnetazure_subscriptionazure_synapse_workspaceazure_tenantazure_virtual_networkazure_virtual_network_gatewayazure_web_application_firewall_policy
Table: azure_resource - Query Azure Resources using SQL
Azure resources are entities managed by Azure, such as virtual machines, storage accounts, and network interfaces. This table allows you to query various details about these resources, including their properties, identities, tags, and more.
Table Usage Guide
The azure_resource table provides insights into resources within your Azure environment. As an Azure administrator, you can explore resource-specific details through this table, including resource IDs, names, types, provisioning states, and associated tags. Utilize it to manage and audit resources, verify configurations, and enforce governance policies.
Important notes:
- For improved performance, it is advised that you use the optional qual to limit the result set. Optional quals are supported for the following columns:
regiontypenameidentity_principal_idplan_publisherplan_nameplan_productplan_promotion_codeplan_versionresource_groupfilter
Examples
Basic Information
Retrieve basic information about all Azure resources, including their names, types, and regions.
select name, type, regionfrom azure_resource;select name, type, regionfrom azure_resource;Filter by resource type
Get a list of all virtual networks.
select name, type, regionfrom azure_resourcewhere filter = 'resourceType eq ''Microsoft.Network/virtualNetworks''';select name, type, regionfrom azure_resourcewhere filter = 'resourceType eq ''Microsoft.Network/virtualNetworks''';Retrieve resources with specific tag key
Fetch resources that have specific tags associated with them.
select name, type, tagsfrom azure_resourcewhere filter = 'startswith(tagName, ''cost'')';select name, type, tagsfrom azure_resourcewhere filter = 'startswith(tagName, ''cost'')';Get Resource identity details
List resources along with their identity principal IDs and types.
select name, type, identity_principal_id, identity ->> 'type' as identity_type, identify -> 'userAssignedIdentities' as user_assigned_identitiesfrom azure_resource;select name, type, identity_principal_id, json_extract(identity, '$.type') as identity_type, json_extract(identity, '$.userAssignedIdentities') as user_assigned_identitiesfrom azure_resource;List managed resources
Identify resources that are managed by other resources.
select name, type, managed_byfrom azure_resourcewhere managed_by is not null;select name, type, managed_byfrom azure_resourcewhere managed_by is not null;Schema for azure_resource
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| changed_time | timestamp with time zone | The changed time of the resource. | |
| cloud_environment | text | The Azure Cloud Environment. | |
| created_time | timestamp with time zone | The created time of the resource. | |
| extended_location | jsonb | Resource extended location. | |
| filter | text | = | The filter to apply on the operation. |
| id | text | = | Resource ID. |
| identity | jsonb | The identity of the resource. | |
| identity_principal_id | text | =, != | The principal ID of resource identity. |
| kind | text | The kind of the resource. | |
| managed_by | text | ID of the resource that manages this resource. | |
| name | text | =, != | Resource name. |
| plan_name | text | =, != | The plan ID. |
| plan_product | text | =, != | The plan offer ID. |
| plan_promotion_code | text | =, != | The plan promotion code. |
| plan_publisher | text | =, != | The plan publisher ID. |
| plan_version | text | =, != | The plan's version. |
| properties | jsonb | The resource properties. | |
| provisioning_state | text | The provisioning state of the resource. | |
| region | text | =, != | The Azure region/location in which the resource is located. |
| resource_group | text | =, != | The resource group which holds this resource. |
| sku | jsonb | The SKU of the resource. | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| subscription_id | text | =, !=, ~~, ~~*, !~~, !~~* | The Azure Subscription ID in which the resource is located. |
| tags | jsonb | A map of tags for the resource. | |
| title | text | Title of the resource. | |
| type | text | =, != | Resource type. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- azureYou can pass the configuration to the command with the --config argument:
steampipe_export_azure --config '<your_config>' azure_resource