Share via

Azure Audit New Resources Creation

Razzi29 331 Reputation points
2023-04-18T23:16:51.1666667+00:00

I’m trying to accomplish how can I get notify if a user/admin creates any new resource on azure tenant such as a new vm, storage account, database, etc etc anything.. I want to be able to get notify and generate report where possible. Also, in relation to this, I want to be able to export a list of all resources on a weekly basis, such as exporting to csv file either from azure cli/ ps or using a VM inside Azure to do it.

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,585 questions
Azure Automation
Azure Automation
An Azure service that is used to automate, configure, and install updates across hybrid environments.
1,195 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,635 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,629 questions
Accepted answer
  1. James Hamil 23,216 Reputation points Microsoft Employee
    2023-04-20T19:31:38.0233333+00:00

    Hi @Razzi29 , to get notified when a new resource is created in your Azure tenant, you can use Azure Event Grid and Azure Automation to trigger a runbook when a new resource is created. Here's a high-level overview of the steps:

    1. Import an Event Grid sample runbook into Azure Automation.
    2. Create an optional Microsoft Teams webhook for notifications.
    3. Create a webhook for the runbook.
    4. Create an Event Grid subscription.
    5. Create a VM that triggers the runbook. For exporting a list of all resources on a weekly basis, you can use Azure Cost Management to schedule exports of your Azure usage details into your Azure Storage accounts as blobs. You can then use tools like AzCopy or Azure Storage Explorer to download the exported CSV files. Here's a high-level overview of the steps to create a scheduled export in Azure Cost Management:
    6. Create a daily month-to-date export for a subscription.
    7. Configure the export with the required information, such as subscription ID, resource group name, and storage account details.
    8. Set the export schedule and format (CSV). After setting up the scheduled export, you can use tools like AzCopy or Azure Storage Explorer to download the exported CSV files to your local machine or another storage location. For more details on setting up Azure Event Grid and Azure Automation, refer to this tutorial. For more information on setting up Azure Cost Management exports, refer to this guide. Please let me know if you have any questions and I can help you further. If this answer helped you please mark it as "Verified" so other users can reference it. Thank you, James
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Andrew Blumhardt 9,776 Reputation points Microsoft Employee
    2023-04-19T00:38:54.35+00:00

    These are all part of the Azure Activity log. There should be some workbooks in Azure monitor for reporting. You can also create free alerts.

    https://learn.microsoft.com/en-us/azure/azure-monitor/alerts/alerts-types#activity-log-alerts

    1 person found this answer helpful.
    0 comments
  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more