Azure Quick Review (azqr) goal is to produce a high level assessment of an Azure Subscription or Resource Group providing the following information for each Azure Service:
- SLA: current expected SLA
- Availability Zones: checks if the service is protected against Zone failures.
- Private Endpoints: checks if the service uses Private Endpoints.
- Diagnostic Settings: checks if there are Diagnostic Settings configured for the service.
- CAF Naming convention: checks if the service follows CAF Naming convention.
Azure Quick Review (azqr) uses a set of rules to determine the status of each Azure Service. These rules are listed in the rules documentation.
- Azure App Services
- Azure Functions
- Azure Container Apps
- Azure Kubernetes Service
- Azure Container Instances
- Azure Container Registry
- Azure API Management
- Azure Event Hub
- Azure Service Bus
- Azure Event Grid
- Azure SignalR Service
- Azure Web PubSub
- Azure Cache for Redis
- Azure Cosmos DB
- Azure Database for PostgreSQL Single Server
- Azure Database for PostgreSQL Flexible Server
- Azure Database for MySQL Single Server
- Azure Database for MySQL Flexible Server
- Azure SQL Database
- Azure Key Vault
- Azure App Configuration
- Azure Application Gateway
- Azure Front Door
- Azure Storage Account
- Azure Firewall
Azure Quick Review (azqr) also reports on the status of Microsoft Defender for Cloud plans.
latest_azqr=$(curl -sL https://api.github.com/repos/cmendible/azqr/releases/latest | jq -r ".tag_name" | cut -c1-)
wget https://github.com/cmendible/azqr/releases/download/$latest_azqr/azqr-ubuntu-latest-amd64 -O azqr
chmod +x azqrDownload the latest release from here.
azqr supports the following authentication methods:
- Azure CLI
- Service Principal. You'll need to set the following environment variables:
- AZURE_CLIENT_ID
- AZURE_CLIENT_SECRET
- AZURE_TENANT_ID
To scan all resource groups in all subscription run:
./azqr scanTo scan all resource groups in a specific subscription run:
./azqr scan -s <subscription_id>To scan a specific resource group in a specific subscription run:
./azqr scan -s <subscription_id> -g <resource_group_name>For information on available commands and help run:
./azqr -hAzure Quick Review (azqr) creates an excel spreadsheet with the results of the scan.
By default the Subscription Ids are masked in the spreadsheet.
Check the Azure Quick Review Scan Results documentation for more information.
If the output of azqr shows an error similar to the following:
--------------------------------------------------------------------------------
RESPONSE 429: 429 Too Many Requests
ERROR CODE: ResourceRequestsThrottled
--------------------------------------------------------------------------------
{
"error": {
"code": "ResourceRequestsThrottled",
"message": "Number of requests for action 'Microsoft.Cdn/profiles/read' exceeded the limit of '50' for time interval '00:05:00'. Please try again after '372' seconds."
}
}Reduce the number of parallel requests that azqr is making. You can do this by setting the value of the -p parameter to false as in the following example:
./azqr scan -s <subscription_id> -p=falseThis project uses GitHub Issues to track bugs and feature requests. Before logging an issue please check our troubleshooting guide.
Please search the existing issues before filing new issues to avoid duplicates.
- For new issues, file your bug or feature request as a new [issue].
- For help, discussion, and support questions about using this project, join or start a [discussion].
Support for this project/ product is limited to the resources listed above.
Thanks to everyone who has contributed!
This project has adopted the Microsoft Open Source Code of Conduct
Trademarks This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft’s Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party’s policies.