Optimize Your Azure Tenant Configuration
Azure Quick Review (azqr) is a powerful command-line tool that analyzes Azure resources to ensure compliance with best practices developed by Carlos Mendible.
You can swiftly conduct a high-level assessment of your “Azure Subscription” or “Resource Group.”
The output generated by?AZQR?is written by default to an Excel file, which contains the following sheets:
Recommendations: a list with all recommendations with the number of resources that are impacted. You can use this table as an action plan to improve the compliance of your resources.
Installation of AZQR
Install on Windows
winget install azqr
Install on Mac
brew install azqr
Install on Linux or Azure Cloud Shell (Bash)
latest_azqr=$(curl -sL https://api.github.com/repos/Azure/azqr/releases/latest | jq -r ".tag_name" | cut -c1-)
wget https://github.com/Azure/azqr/releases/download/$latest_azqr/azqr-ubuntu-latest-amd64 -O azqr
chmod +x azqr
?Run the AZQR tool
To execute the tool, you must log in to your Azure Tenant using an account that possesses the minimum ‘Subscription Reader’ role.
az login
To scan all resource groups in all subscriptions:
./azqr scan
To scan all resource groups in a specific subscription:
领英推荐
./azqr scan -s <subscription_id>
To scan a specific resource group in a specific subscription:
./azqr scan -s <subscription_id> -g <resource_group_name>
To scan all resources in a specific management group run:
./azqr scan --management-group-id <management_group_id>
To include or exclude specific subscriptions, resource groups, services, or recommendations. create a yaml file with the following format and run:
./azqr scan --filters <path_to_yaml_file>
Yaml file format:
azqr:
include:
subscriptions:
- <subscription_id> # format: <subscription_id>
resourceGroups:
- <resource_group_resource_id> # format: /subscriptions/<subscription_id>/resourceGroups/<resource_group_name>
resourceTypes:
- <resource type abbreviation> # format: Abbreviation of the resource type. For example: "vm" for "Microsoft.Compute/virtualMachines"
exclude:
subscriptions:
- <subscription_id> # format: <subscription_id>
resourceGroups:
- <resource_group_resource_id> # format: /subscriptions/<subscription_id>/resourceGroups/<resource_group_name>
services:
- <service_resource_id> # format: /subscriptions/<subscription_id>/resourceGroups/<resource_group_name>/providers/<service_provider>/<service_name>
recommendations:
- <recommendation_id> # format: <recommendation_id>
For information on available commands and help run:
./azqr -h
Notes:
Azure Quick Review (azqr) obfuscates Subscription IDs in the output to protect sensitive information and maintain data privacy and security. To display the Subscription IDs without obfuscation, use this flag:
--mask=false
Azure Quick Review can generate CSV files with the same information as Excel. To do this, use this flag:
--csv
Power BI template is available to visualize Azure Quick Review results. Create the template by running AZQR with the pbi command and then loading the Excel file generated by the tool.
azqr pbi -p 'Path where the PowerBI template will be created'
To learn more about the recommendations used by?Azure Quick Review (azqr), you can refer to the documentation available?here.
Thanks for reading! For more insights and resources, visit my portfolio at fadysamy.com. Feel free to reach out - I’m always happy to connect!
Infraestrutura de TI | Seguran?a da Informa??o | Cyber Security | ágil | Scrum
1 个月André Serra
Managed Services Lead @ KlayyTech | Multi-Cloud Solution Architect | Enterprise Architecture | Microsoft Certified Trainer
1 个月Useful tips