How to get the list of Azure services consumed in the Org/Tenant.?

Question

Hello Team,

Am looking to prepare a LIVE Service catalog document for our product team reference to know which all services available within our tenant that can be consumed.

How do we export this services list from Azure.?

It should also contain AAD, SSL and other services as well.

Please advise.

Answer 1

Hello Rock Steps

Thank you for posting your query on Microsoft Q&A platform.

Azure does not currently provide a single native report or export that lists all Azure services available or consumed across an entire tenant. However, you can build a live service catalog by combining Azure Resource Graph, Microsoft Entra ID (AAD) data, and subscription‑level exports.

1. There is no tenant‑wide “service catalog” export in Azure
2. Azure does not track “enabled but unused” services
3. Azure only exposes services that have deployed resources or billable usage
4. Platform services like AAD, SSL, RBAC, Policy do not appear as ARM resources in one place

Please have a look into below supported & recommended approaches:

1. Azure Resource Graph – deployed services (core method): It gives you All Azure services that currently have resources deployed, Covers compute, storage, networking, App Services, databases, etc. Works across all subscriptions in the tenant

Below query returns Microsoft.Compute/virtualMachines, Microsoft.Web/sites and Microsoft.Storage/storageAccounts

Resources
| summarize ResourceCount = count() by type
| order by ResourceCount desc

Reference: https://learn.microsoft.com/en-us/azure/governance/resource-graph/overview

2. Azure Cost Management – billable services : it gives you the services that incurred cost and includes platform services that may not create ARM resources

You can:

• Go to Cost Management → Cost analysis
• Group by Service name
• Export to CSV

This is useful to validate actively used services.

Reference: https://learn.microsoft.com/en-us/azure/cost-management-billing/costs/cost-analysis-common-uses

3. Microsoft Entra ID (AAD) – identity & directory services: AAD will not appear in Resource Graph.

You must document separately:

• Microsoft Entra ID
• Conditional Access
• Enterprise Applications
• App registrations
• Identity Protection

Supported ways:

• Entra Admin Center (manual export)
• Microsoft Graph APIYou must document separately:
  • Microsoft Entra ID
  • Conditional Access
  • Enterprise Applications
  • App registrations
  • Identity Protection
  Supported ways:
  • Entra Admin Center (manual export)
  • Microsoft Graph API

4. SSL / Certificates: There is no central tenant‑wide SSL inventory.

You must collect from:

• Key Vault (certificates)
• App Service TLS bindings
• Application Gateway / Front Door

Example (Key Vault via ARG):

Resources
| where type == "microsoft.keyvault/vaults"

Could you please let us know if the solution shared in the comment addressed your query. If you have any other questions or need further support, please feel free to contact us.

Thanks,

Suchitra.

Answer 2

To get a list of Azure services consumed in your organization or tenant, you can utilize the Microsoft Cost Management tool. The ConsumedService represents the primary service or resource provider that you have used. This information can be exported to create a service catalog document.

Here’s a general approach:

1. Access Microsoft Cost Management: Navigate to the Cost Management section in the Azure portal.
2. Use the ConsumedService Data: Look for the ConsumedService data, which includes various services like Azure Active Directory (AAD), SSL, and others. This data can be exported for your documentation needs.
3. Export the Data: You can typically export this data in a format that suits your needs (like CSV or Excel).

For detailed steps on how to access and export this data, you may need to refer to the Azure documentation or your organization's Azure administrator for specific permissions and capabilities.