Azure Resource Graph sample queries for Azure Key Vault
This page is a collection of Azure Resource Graph sample queries for Azure Key Vault.
Sample queries
Count key vault resources
This query uses count
instead of summarize
to count the number of records returned. Only key vaults are included in the count.
Resources
| where type =~ 'microsoft.keyvault/vaults'
| count
az graph query -q "Resources | where type =~ 'microsoft.keyvault/vaults' | count"
Key vaults with subscription name
The following query shows a complex use of join
with kind as leftouter. The query limits the joined table to subscriptions resources and with project
to include only the original field subscriptionId and the name field renamed to SubName. The field rename avoids join
adding it as name1 since the field already exists in resources. The original table is filtered with where
and the following project
includes columns from both tables. The query result is all key vaults displaying type, the name of the key vault, and the name of the subscription it's in.
Resources
| join kind=leftouter (ResourceContainers | where type=='microsoft.resources/subscriptions' | project SubName=name, subscriptionId) on subscriptionId
| where type == 'microsoft.keyvault/vaults'
| project type, name, SubName
az graph query -q "Resources | join kind=leftouter (ResourceContainers | where type=='microsoft.resources/subscriptions' | project SubName=name, subscriptionId) on subscriptionId | where type == 'microsoft.keyvault/vaults' | project type, name, SubName"
Next steps
- Learn more about the query language.
- Learn more about how to explore resources.