PS command to list all VMs from each subscription along with periodic assessment and patch status

Question

Is there any PS command to list all virtual machines from each subscription along with periodic assessment status and export the result to CSV Please share Thank you

Answer 1

Hi Varma,

Please see the following script:

# Get All Subscriptions
$subs = Get-AzureRmSubscription

# Array to store list of VMs
$VMReport = @()

# Loop through each subscription
foreach ($sub in $subs) {
    # Display the current processing subscription
    Write-Host "Processing subscription $($sub.Name)"

    try {
        # Select the subscription
        # Add conditions here if you want to skip a particular subscription
        Select-AzureRmSubscription -SubscriptionId $sub.SubscriptionId -ErrorAction Continue

        # Get all the VMs information
        $vms = Get-AzureRmVm

        # Loop through all the VMs
        foreach ($vm in $vms) {
            Write-Host "$($vm.Name) $($vm.ResourceGroupName) $($vm.HardwareProfile.VmSize) $($vm.OsType) $($vm.ProvisioningState) $($vm.Location) $($vm.StorageProfile.OsDisk.Name)"

            # Create a new object and add it to the VMReport array
            $VMReport += New-Object psobject -Property @{
                "SubName"             = $sub.Name
                "VMName"              = $vm.Name
                "VMSize"              = $vm.HardwareProfile.VmSize
                "VMOSType"            = $vm.OsType
                "VMProvisioningState" = $vm.ProvisioningState
                "VMLocation"          = $vm.Location
                "VMOSDisk"            = $vm.StorageProfile.OsDisk.Name
            }
        }
    }
    catch {
        Write-Host "Error processing subscription $($sub.Name): $_"
    }
}

# Export to CSV format
$VMReport | Export-Csv "report.csv" -NoTypeInformation

Cited from https://learn.microsoft.com/en-us/answers/questions/992897/powershell-script-to-get-list-of-all-vms-in-all-su

If this is helpful please accept answer.

Answer 2

Hello, @Varma !

What PowerShell or Azure CLI command can I use to view Virtual Machines with Periodic Assessment enabled?

Currently monitoring whether or not Periodic Assessment is enabled on a VM is only available in the Azure portal:

https://learn.microsoft.com/en-us/azure/update-manager/periodic-assessment-at-scale#monitor-if-periodic-assessment-is-enabled-for-your-machines

This procedure applies to both Azure and Azure Arc-enabled machines.

1. Go to Policy in the Azure portal and select Authoring > Definitions.
2. From the Category dropdown, select Update Manager. Select Machines should be configured to periodically check for missing system updates.
3. When Policy definition opens, select Assign.
4. On the Basics tab, select your subscription as your scope. You can also specify a resource group within your subscription as the scope. Select Next.
5. On the Parameters and Remediation tabs, select Next.
6. On the Non-compliance message tab, provide the message that you want to see if there was noncompliance. For example, use Your machine doesn't have periodic assessment enabled. Select Review + Create.
7. On the Review + Create tab, select Create to trigger Assignment and Remediation Task creation, which can take a minute or so.

You can monitor compliance of resources under Compliance and remediation status under Remediation on the Azure Policy home page.

---

I hope this has been helpful! Your feedback is important so please take a moment to accept answers.

If you still have questions, please let us know what is needed in the comments so the question can be answered. Thank you for helping to improve Microsoft Q&A!