I need some help inspecting and troubleshooting which Azure Policy & Blueprint applied to the specific resource group.

How to check which Azure Policy & Azure Blueprint is applied to my Resource group?

Azure Policy: https://learn.microsoft.com/en-us/powershell/module/az.resources/get-azpolicyassignment?view=azps-9.1.0#parameters

Azure Blueprints: https://learn.microsoft.com/en-us/powershell/module/az.blueprint/get-azblueprintassignment?view=azps-9.1.0

How can I combine the above, so that when I enter the name of the Resource Group, both Azure Policy and Blue Prints will be shown?

CodePudding user response：

Combining get-azpolicyassignment and get-azblueprintassignment to process with one input?

AFAIK, combing both outputs is not possible. Because both do not have same property name of resources group(In Policy it is ResourceGroupName but in Blue print its different).

But using Azure PowerShell, I have got Policy assignments by using name of the resource group as below and followed Microsoft-Document:

 Search-AzGraph -Query "policyresources| where type == 'microsoft.authorization/policyassignments'| where resourceGroup has 'xx'"

xx- resource group name.

By using below command, I could get the output as below and followed Microsoft-Document:

Get-AzBlueprintAssignment -SubscriptionId "00000000-1111-0000-1111-000000000000" -Name "myAssignmentName"

As Blue print is a combination of bunch of Azure Policies, blue print is applied at Subscription level and management group level. So only way you can filter is through subscription id.

You could also use below query in resource graph explorer to get policy assignments in a resource group.

policyresources

| where type == "microsoft.authorization/policyassignments"

| where resourceGroup has  "bhanim-test"