Hub

HomeBlog
Docs



Azure Provider

The CloudQuery Azure provider pulls configuration out of Azure resources, normalizes them and stores them in PostgreSQL database.

Install

cloudquery init azure

Authentication

To authenticate cloudquery with your Azure account you can use any of the following options (see full documentation at AZURE SDK V2):

  • Client Credentials: AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CLIENT_SECRET
  • Client Certificate: AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_CERTIFICATE_PATH, AZURE_CERTIFICATE_PASSWORD
  • Resource Owner Password: AZURE_TENANT_ID, AZURE_CLIENT_ID, AZURE_USERNAME, AZURE_PASSWORD

Configuration

The following configuration section can be automatically generated by cloudquery init azure:

provider "azure" { configuration { // Optional. if you not specified, cloudquery tries to access all subscriptions available to tenant subscriptions = ["<YOU_SUBSCRIPTION_ID_HERE>"] } resources = [ // "compute.disks", // "resources.groups", // "keyvault.vaults", // "storage.accounts", // "mysql.servers", // "postgresql.servers", // "sql.servers", // "sql.databases", // "network.virtual_networks", ] }

By default cloudquery will fetch all configuration from all resources in all subscription. You can change this behaviour with the following arguments:

  • subscriptions (Optional) - Specify multiple subscriptions to fetch data from them concurrently.

Query Examples

Find all mysql servers

SELECT * FROM azure_mysql_servers;

Find storage accounts which allowing non https traffic

SELECT * from azure_storage_accounts where enable_https_traffic_only = false;

Find all expired key vault

SELECT * from azure_keyvault_vault_keys where attributes_expires >= extract(epoch from now()) * 1000;
Version

v0.3.1

Repository
Published at

Wed Jul 28 2021

Resources
  • Blog

All Rights Reserved.
Terms of ServicePrivacy Policy