Install-Module -Name AzureResourceInventory
To run the script just execute "Invoke-ARI" with the regular parameters:
Invoke-ARI
| Parameter | Description | |
|---|---|---|
| TenantID | Specify the tenant ID you want to create a Resource Inventory. | -TenantID <ID> |
| SubscriptionID | Specifies Subscription(s) to be inventoried. | -SubscriptionID <ID> |
| ManagementGroup | Specifies the Management Group to be inventoried(all Subscriptions on it) | -ManagementGroup <ID> |
| Lite | Specifies to use only the Import-Excel module and don't create the charts (using Excel's API) | -Lite |
| SecurityCenter | Include Security Center Data. | -SecurityCenter |
| SkipAdvisory | Do not collect Azure Advisory. | -SkipAdvisory |
| Automation | Required when running the script with Automation Account | -Automation |
| StorageAccount | Storage Account Name (Required when running the script with Automation Account) | -StorageAccount |
| StorageContainer | Storage Account Container Name (Required when running the script with Automation Account) | -StorageContainer |
| IncludeTags | Include Resource Tags. | -IncludeTags |
| Debug | Run in a Debug mode. | -Debug |
| DiagramFullEnvironment | Network Diagram of the entire environment | -DiagramFullEnvironment |
| Diagram | Create a Draw.IO Diagram. | -Diagram |
| SkipDiagram | To skip the diagrams creation | -SkipDiagram |
| DeviceLogin | Authenticating on Azure using the Device login approach | -DeviceLogin |
| AzureEnvironment | Choose between Azure environments > Registered Azure Clouds. Use az cloud list to get the list |
-AzureEnvironment <NAME> |
| ReportName | Change the Default Name of the report. Default name: AzureResourceInventory |
-ReportName <NAME> |
| ReportDir | Change the Default path of the report. | -ReportDir "<Path>" |
| Online | Use Online Modules. Scan Modules diretly in GitHub ARI Repository | -Online |
| ResourceGroup | Specifies one unique Resource Group to be inventoried, This parameter requires the -SubscriptionID to work. | -ResourceGroup <NAME> |
| TagKey | Specifies the tag key to be inventoried, This parameter requires the -SubscriptionID to work. |
-TagKey <NAME> |
| TagValue | Specifies the tag value be inventoried, This parameter requires the -SubscriptionID to work. |
-TagValue <NAME> |
| QuotaUsage | Quota Usage | -QuotaUsage |
- For CloudShell:
/>./Invoke-ARI -Debug - Powershell Desktop:
/>./Invoke-ARI -TenantID <Azure Tenant ID>
If you do not specify the Subscription Resource Inventory will be performed on all subscriptions for the selected tenant. To perform the inventory in a specific Tenant and subscription use
-TenantIDand-SubscriptionIDparameter/>./Invoke-ARI -TenantID <Azure Tenant ID> -SubscriptionID <Subscription ID>
- Including Tags:
/>./Invoke-ARI -TenantID <Azure Tenant ID> --IncludeTags
By Default Azure Resource inventory do not include Resource Tags.
- Collecting Security Center Data:
/>./Invoke-ARI -TenantID <Azure Tenant ID> -SubscriptionID <Subscription ID> -SecurityCenter
By Default Azure Resource inventory do not collect Security Center Data.
- Skipping Azure Advisor:
/>./Invoke-ARI -TenantID <Azure Tenant ID> -SubscriptionID <Subscription ID> -SkipAdvisory
By Default Azure Resource inventory collects Azure Advisor Data.
- Skipping Network Diagram:
/>./Invoke-ARI -TenantID <Azure Tenant ID> -SkipDiagram
If you have permissions on more than one tenant, the script will prompt which Tenants do you want to run the inventory against:
If can also select which Tenant do you want to run the inventory against:
Draw.io .XML file will be put in the "C:\AzureResourceInventory" folder:
Now you just need to open draw.io and open the file:
