Azure Resource Graph to make cross-subscription queries to see if I have any upcoming expiring certificates.
Get all web app certificates
This will get you a list of all the app service certificates you have in your subscription(s).
1
2
| resources
| where type == "microsoft.web/certificates"
|
To simplify the overview, we can limit the properties we return:
1
2
3
| resources
| where type == "microsoft.web/certificates"
| project resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer
|
Get the Expiration Date of certificates:
1
2
3
4
5
| resources
| where type == "microsoft.web/certificates"
| extend ExpirationDate = todatetime(properties.expirationDate)
| project ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer
| order by ExpirationDate asc
|
Get the number of days until expiration:
1
2
3
4
5
6
7
| resources
| where type == "microsoft.web/certificates"
| extend ExpirationDate = todatetime(properties.expirationDate)
| extend DaysUntilExpiration = datetime_diff("day", ExpirationDate, now())
| project DaysUntilExpiration, ExpirationDate, resourceGroup, name, subscriptionId, properties.expirationDate, properties.thumbprint, properties.subjectName, properties.issuer
| where ExpirationDate < now() + 60d
| order by DaysUntilExpiration
|
Group by month for easy visualization:
1
2
3
4
5
6
7
8
| resources
| where type == "microsoft.web/certificates"
| extend ExpirationDate = todatetime(properties.expirationDate)
| extend ExpirationYear = getyear(ExpirationDate)
| extend ExpirationMonth = format_datetime(ExpirationDate, 'yyyy-MM')
| extend DaysUntilExpiration = datetime_diff("day", ExpirationDate, now())
| summarize count() by ExpirationMonth
| order by ExpirationMonth asc
|
You can also pin these results, and visualizations, to your Azure Dashboards(Private/Shared).
