[QUERY] Execute Resource Graph Query with new SDK

Azure / azure-sdk-for-net

This repository is for active development of the Azure SDK for .NET. For consumers of the SDK we recommend visiting our public developer docs at https://learn.microsoft.com/dotnet/azure/ or our versioned developer docs at https://azure.github.io/azure-sdk-for-net.

MIT License

5.47k stars 4.8k forks source link

[QUERY] Execute Resource Graph Query with new SDK #32632

Closed davidobrien1985 closed 1 year ago

davidobrien1985 commented 1 year ago

Library name and version

Query/Question

Is there a new SDK for Resource Graph or do we still need to use Microsoft.Azure.Management.ResourceGraph? That hasn't been updated in a while and doesn't seem to work well with our overall code base using the new Azure.ResourceManager SDK.

Environment

No response

Petermarcu commented 1 year ago

I believe this is the new version. https://www.nuget.org/packages/Azure.ResourceManager.ResourceGraph/1.0.0-beta.1 @ArthurMa1978 can you confirm?

davidobrien1985 commented 1 year ago

@Petermarcu @ArthurMa1978 ah, I didn't search for pre-release packages. Thanks. However, any example available to actually execute a KQL query?

Petermarcu commented 1 year ago

@ArthurMa1978 it would be good to work with the service team to get the quickstarts like this one updated to show how to use the new library. https://learn.microsoft.com/en-us/azure/governance/resource-graph/first-query-dotnet

AtOMiCNebula commented 1 year ago

@davidobrien1985, I've found this to work with the new ResourceGraph SDK (though I can't have it deserialize into KeyVaultData, which I reported to the KeyVault SDK folks in #32584):

ArmClient client = new(credential);
TenantCollection tenants = client.GetTenants();
await foreach (TenantResource tenant in tenants)
{
    QueryContent query = new(@"
Resources
| where type == ""microsoft.keyvault/vaults""
| order by name asc
");
    QueryResponse response = await tenant.ResourcesAsync(query);
    IList<IDictionary<string, object>> vaultData = response.Data.ToObjectFromJson<IList<IDictionary<string, object>>>();
    // ...
}

shareonline commented 1 year ago

The description specifically says for scopes specified in the request.. It is as far as i can see not possible to define any scopes with the new SDK? So i have the option of making a resource graph query, across all tenants or my own tenant. But can't specify a list of subscriptions for instance like you can in the api. Is this by design or something missing?

Lets say i want all virtual machines across 4 subscriptions. Now i need to get all virtual machines across all subscriptions, and then filter the result locally. That's not very performant when that list is huge..

This would be ideal and should be supported for both subscriptions and Management groups:

xboxeer commented 1 year ago

@shareonline can you try the below code to limit your query in certain subscriptions?

shareonline commented 1 year ago

Yeah sorry. This has been closed for me at #33650 This of course works as intended :)