Azure: Count the Azure Resources Using Cloud Custodian

Identify and count the resources using Cloud Custodian

Now that you are using the Azure Cloud and have hundreds of subscriptions, it is very important to know the inventory, ownership and purposes of those resources. Azure has made it very intuitive and simple to see “All Resources” in one GUI window. It also allows you to filter by various parameters and export the result in CSV format.

Exporting the results into CSV format is huge.

Cloud Custodian is an open source, serverless rule engine that lets you write YAML policies and store the output in a storage blob. In this article, we wrote some policies that identify and count resources such as DNSZones, KeyVault, Storage, SQLDatabase, SQLServer, and many others.

Example #1: Find all DNS Zones in the Subscription

policies:
  - name: dnszone-identify-them-all
    resource: azure.dnszone
    comment: |
      Find all DNS Zones in the subscription. This policy runs every
      Sunday at 9:25AM UTC (CST time: 3:25AM).
    mode:
      # NCRONTAB, six fields: second minute hour day month day-of-week
      schedule: 0 25 9 * * 0
      type: azure-periodic
      provision-options:
        identity:
          type: UserAssigned
          id: exampleid
      execution-options:
        output_dir…
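
Once policies like this have run, the counting step can be scripted. The following is an added example, not code from the original article or from the Cloud Custodian project: it tallies every `resources.json` under a locally copied output directory by policy, subscription and resource type, normalising case and nested types such as SQL databases. It assumes the `<output_dir>/<policy-name>/resources.json` layout; the `sqldatabase-count` policy name and all sample IDs are constructed.

```python
import json
import tempfile
from collections import Counter
from pathlib import Path

SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed
SAMPLE = {  # constructed output: policy name -> ARM resource IDs
    "dnszone-identify-them-all": [
        SUB + "/resourceGroups/rg-net/providers/Microsoft.Network/dnszones/example.com",
        SUB + "/resourceGroups/rg-net/providers/Microsoft.Network/dnsZones/example.org",
    ],
    "sqldatabase-count": [  # hypothetical policy name
        SUB + "/resourceGroups/rg-db/providers/Microsoft.Sql/servers/s1/databases/db1",
    ],
}


def parse_arm_id(arm_id):
    """Return (subscription, resource type) parsed from an ARM resource ID."""
    keys = [p.lower() for p in arm_id.split("/") if p]  # IDs are case-insensitive
    sub = rtype = "unknown"
    if "subscriptions" in keys[:-1]:
        sub = keys[keys.index("subscriptions") + 1]
    if "providers" in keys[:-2]:
        i = keys.index("providers")
        # namespace, then alternating type/name pairs (covers nested types)
        rtype = "/".join([keys[i + 1]] + keys[i + 2::2])
    return sub, rtype


def count_resources(output_root):
    """Tally each resources.json under output_root by (policy, sub, type)."""
    root, counts = Path(output_root), Counter()
    for path in sorted(root.rglob("resources.json")):
        policy = path.relative_to(root).parts[0]
        # Unreadable or malformed files raise, so a bad export is never undercounted.
        for res in json.loads(path.read_text(encoding="utf-8")):
            counts[(policy, *parse_arm_id(res.get("id", "")))] += 1
    return counts


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for policy, ids in SAMPLE.items():  # lay out <tmp>/<policy>/resources.json
            Path(tmp, policy).mkdir()
            body = json.dumps([{"id": i} for i in ids])
            Path(tmp, policy, "resources.json").write_text(body)
        for key, n in sorted(count_resources(tmp).items()):
            print(*key, n, sep=",")
```

Resources whose `id` is missing or not an ARM path are counted under `unknown`, so gaps in the inventory stay visible in the totals.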

Aakif Shaikh, CISSP, CEH, CHFI, CISA, GWAPT

Over 18 years of experience in a wide variety of technical domains within information security including information assurance, compliance, and risk management.