208_man

Reputation: 1728

How to query all key vaults by tenant (in Azure)?

In the interest of avoiding duplicate names for various resources (like key vaults) in Azure, I want to be able to query across all subscriptions in our tenant to see the names already "taken", e.g., is there already a key vault named usw2-mkt-kv-001 in one of our subscriptions?

This article shows how to query all key vaults by subscription, but what about across all subscriptions? Or all services (including RGs, storage accounts, key vaults, VMs, etc.) across all subscriptions in our tenant: is there a way to query that?

Thank you

Upvotes: 0

Views: 1250

Answers (2)

Ian

Reputation: 48

You can (now) use the Azure Resource Graph to do this directly. https://learn.microsoft.com/en-us/azure/governance/resource-graph/samples/starter

Search-AzGraph -Query 'Resources | where type == "microsoft.keyvault/vaults"'

Upvotes: 3
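
An added example, not part of the answer above: the same Resource Graph query extended to tenant scope with paging and an optional case-insensitive name check. It assumes the Az.ResourceGraph module is installed and Connect-AzAccount has been run; the function name Find-AzResourceAcrossTenant is hypothetical.

```powershell
# Added example (not from the original answer).
# Assumes: Az.ResourceGraph installed, Connect-AzAccount already run.
function Find-AzResourceAcrossTenant {
    param(
        # Optional resource name to look for; restricted to characters that
        # cannot break out of the KQL string literal built below.
        [ValidatePattern('^[\w.()-]*$')]
        [string] $Name,

        # Resource type to filter on; defaults to key vaults.
        [ValidatePattern('^[\w.]+/[\w./]+$')]
        [string] $Type = 'microsoft.keyvault/vaults'
    )

    # =~ is the case-insensitive equality operator in KQL.
    $query = "Resources | where type =~ '$Type'"
    if ($Name) { $query += " | where name =~ '$Name'" }
    # 'id' must be projected for SkipToken paging to work.
    $query += ' | project id, name, type, resourceGroup, subscriptionId'

    $results   = @()
    $skipToken = $null
    do {
        $params = @{
            Query          = $query
            First          = 1000      # maximum page size
            UseTenantScope = $true     # all subscriptions visible in the tenant
        }
        if ($skipToken) { $params.SkipToken = $skipToken }

        $page       = Search-AzGraph @params
        $results   += $page.Data
        $skipToken  = $page.SkipToken  # empty once the last page is returned
    } while ($skipToken)

    return $results
}

# Is the name from the question already in use somewhere we can see?
$hits = Find-AzResourceAcrossTenant -Name 'usw2-mkt-kv-001'
if ($hits) {
    $hits | Format-Table name, resourceGroup, subscriptionId
} else {
    'No visible key vault has that name.'
}
```

An empty result only covers subscriptions the signed-in identity has read access to. Key vault names are also globally unique across Azure, so a name absent from your tenant can still be taken elsewhere.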

Joy Wang

Reputation: 42063

There is no direct way to do that; these resource-related REST APIs are all subscription-based, which means you should specify a subscription ID.

Your option is to use Subscriptions - List to list the subscriptions and loop over the specific REST APIs to query the key vaults/other resources. Make sure the user/service principal you used to get the token has an RBAC role in the subscriptions.

Upvotes: 1
