
Track changes to Azure resources
Changes to your Azure resources are quite common, and they are difficult to identify. Until now. Microsoft recently released (in preview) the ability to detect change events using Azure Resource Graph. Meaning you do not have to decipher the administrative events in the activity log of your resources. Much like the change tracking solution for Azure VMs.
How does resource changes work in resource graph?
Resource changes are stored in the resource graph under a new table called ResourceChanges
. This table is populated from the activity log and removes the complexity we earlier had with matching correlationId, changeId, and so on.
Note:
Resource changes only reflect data in the Resources
table in resource graph
What can I do with this?
There are a lot of reasons and possibility that comes with this feature. Microsoft themself mention
- Incident handeling – what happened prior to the incident
- CMDB update on changes
- Azure policy initiated changes
The first reason is probably a good place to start. In my next post, I will show you how to add an azure monitor alert rule, action group, and an Azure function that can pull relevant change information from the impacted resource.