Quickstart: Create Resource Graph shared query using Bicep

In this quickstart, you use Bicep to create an Azure Resource Graph shared query. Resource Graph queries can be saved as a private query or a shared query. A private query is saved to the individual's Azure portal profile and isn't visible to others. A shared query is a Resource Manager object that can be shared with others through permissions and role-based access. A shared query provides common and consistent execution of resource discovery.

Bicep is a domain-specific language (DSL) that uses declarative syntax to deploy Azure resources. It provides concise syntax, reliable type safety, and support for code reuse. Bicep offers the best authoring experience for your infrastructure-as-code solutions in Azure.

Prerequisites

• If you don't have an Azure account, create a free account before you begin.
• Azure CLI or PowerShell and Azure PowerShell.
• Visual Studio Code.

Connect to Azure

From a Visual Studio Code terminal session, connect to Azure. If you have more than one subscription, run the commands to set context to your subscription. Replace <subscriptionID> with your Azure subscription ID.

Azure CLI

az login

# Run these commands if you have multiple subscriptions
az account list --output table
az account set --subscription <subscriptionID>

Azure PowerShell

From a Visual Studio Code terminal session, connect to Azure. If you have more than one subscription, run the commands to set context to your subscription. Replace <subscriptionID> with your Azure subscription ID.

Connect-AzAccount

# Run these commands if you have multiple subscriptions
Get-AzSubScription
Set-AzContext -Subscription <subscriptionID>

Review the Bicep file

In this quickstart, you create a shared query called Count VMs by OS. To try this query in SDK or in portal with Resource Graph Explorer, see Samples - Count virtual machines by OS type.

The Bicep file used in this quickstart is from Azure Quickstart Templates.

1. Open Visual Studio Code and create a new file.
2. Copy and paste the Bicep file into your new file.
3. Save the file as main.bicep on your local computer.

@description('The name of the shared query.')
param queryName string = 'Count VMs by OS'

@description('The Azure Resource Graph query to be saved to the shared query.')
param queryCode string = 'Resources | where type =~ \'Microsoft.Compute/virtualMachines\' | summarize count() by tostring(properties.storageProfile.osDisk.osType)'

@description('The description of the saved Azure Resource Graph query.')
param queryDescription string = 'This shared query counts all virtual machine resources and summarizes by the OS type.'

resource query 'Microsoft.ResourceGraph/queries@2018-09-01-preview' = {
  name: queryName
  location: 'global'
  properties: {
    query: queryCode
    description: queryDescription
  }
}

The resource defined in the Bicep file is: Microsoft.ResourceGraph/queries. To learn how to create Bicep files, go to Quickstart: Create Bicep files with Visual Studio Code.

Deploy the Bicep file

Create a resource group and deploy the Bicep file with Azure CLI or Azure PowerShell. Make sure you're in the directory where you saved the Bicep file. Otherwise, you need to specify the path to the file.

Azure CLI

az group create --name demoSharedQuery --location eastus
az deployment group create --resource-group demoSharedQuery --template-file main.bicep

Azure PowerShell

New-AzResourceGroup -Name demoSharedQuery -Location eastus
New-AzResourceGroupDeployment -ResourceGroupName demoSharedQuery -TemplateFile main.bicep

The deployment outputs messages to your shell. When the deployment is finished, your shell returns to a command prompt.

Review deployed resources

Use Azure CLI or Azure PowerShell to list the deployed resources in the resource group.

Azure CLI

az resource list --resource-group demoSharedQuery

Azure PowerShell

Get-AzResource -ResourceGroupName demoSharedQuery 

The output shows the shared query's name, resource group name, and resource ID.

Run the shared query

You can verify the shared query works using Azure Resource Graph Explorer. To change the scope, use the Scope menu on the left side of the page.

1. Sign in to Azure portal.
2. Enter resource graph into the search field at the top of the page.
3. Select Resource Graph Explorer.
4. Select Open query.
5. Change Type to Shared queries.
6. Select the query Count VMs by OS.
7. Select Run query and the view output in the Results tab.

You can also run the query from your resource group.

1. In Azure, go to the resource group, demoSharedQuery.
2. From the Overview tab, select the query Count VMs by OS.
3. Select the Results tab.

Clean up resources

When you no longer need the resource that you created, delete the resource group using Azure CLI or Azure PowerShell. When a resource group is deleted, the resource group and all its resources are deleted. And if you signed into Azure portal to run the query, be sure to sign out.

Azure CLI

az group delete --name demoSharedQuery

To sign out of your Azure CLI session:

az logout

Azure PowerShell

Remove-AzResourceGroup -Name demoSharedQuery

To sign out of your Azure PowerShell session:

Disconnect-AzAccount

Next steps

In this quickstart, you created a Resource Graph shared query using Bicep. To learn more about the Resource Graph language, continue to the query language details page.

Understanding the Azure Resource Graph query language