PowerShell / REST Microsoft Azure: Get-AzPolicyStateSummary?

ByDultus, UserMod Light October 12, 2023March 29, 2025

Good morning!

I would like to report the current status of policy compliance in a subscription.

So I pull the following data:

 $azState = Get-AzPolicyStateSummary -SubscriptionId $subscriptionId    $exportObject.Compliance.TotalRessources = $azState.Results.ResourceDetails[0].Count + $azState.Results.ResourceDetails[1].Count + $azState.Results.ResourceDetails[2].Count    $exportObject.Compliance.CompliantRessources = $azState.Results.ResourceDetails[0].Count    $exportObject.Compliance.NonCompliantRessources = $azState.Results.ResourceDetails[1].Count    $exportObject.Compliance.Exceptions = $azState.Results.ResourceDetails[2].Count    $exportObject.Compliance.Percentage = [math]::Round((1.0 - $exportObject.Compliance.NonCompliantRessources / ($exportObject.Compliance.CompliantRessources + $exportObject.Compliance.NonCompliantRessources + $exportObject.Compliance.Exceptions)) * 100)

This allows me to successfully obtain the resource compliance in percent, the total number of resources as well as the breakdown of how many are compliant, non-compliant and 'other'.

The problem, however, is that I can't access the non-compliant initiatives and non-compliant policies. The values, no matter how I access them, never seem to match these values. I either get significantly lower or significantly higher values.

Does anyone have any idea how I can filter the data correctly or, for example, get the correct data via the Graph API?

(1 votes)

Programming & Software development

Query and modify data from MySQL with VueJS?

ByGuteFrageXY13 January 19, 2024March 29, 2025

Hello, I have a MySQL database on our school's server. Now I want to query and edit data from this database using VueJS. Unfortunately, I haven't been able to find any good videos or documentation online. How can I implement my plan?

Desktop & Notebooks

My newly purchased laptop already has only 92% battery power left. Can I complain?

Bysmurak January 27, 2024February 19, 2025

Hello, I bought a "Lenovo Ideapad Gaming 3" laptop at Mediamarkt (in Austria) last week. Since they were out of stock, I opted for the display model, which offered a modest 3% discount. I bought it, but at the time I didn't know that the battery had already gone through over 100 charge cycles and…

Desktop & Notebooks

Laptop purchase no operating system?

ByDadoZockt October 11, 2023February 20, 2025

I want to buy a laptop because I need one. But the website says "No operating system." Does that mean I have to download the operating system myself, and if so, is Windows 11 free?

Programming & Software development

LCD display. What am I doing wrong?

ByKabelsalat666 July 21, 2023March 30, 2025

I bought an LCD display (blue screen) HD44780 16×02 with an I2C adapter from azdelivery. However, as you can see in the picture, it displays blocks above the text. That means I can see the text from the side. Now I just need to remove the blocks.

Monitors

Hisense TV only runs at 30hz via HDMI?

ByMarcelK03 February 14, 2023February 20, 2025

I recently bought a Hisense 55U77HQ. It runs at 120Hz and 4K. However, the HDMI cable only outputs at 30Hz, and unfortunately, that's even at Full HD. That can't be right. What's wrong? HDMI ports 1 and 2 are slightly different from 3 and 4, but the problem occurs with all ports. What can I…

Programming & Software development

MacBook Air m2 15" with Unity (Visual Studio)?

BySeanat0r October 17, 2023March 29, 2025

I got a MacBook Air m2 15" and then realized when I downloaded Unity that Visual Studio would no longer be available in August of next year. How does this pose a problem with Unity? Should I still sell my MacBook so I can get as much as possible for it and switch to Windows?

4 Answers

Oldest

Newest Most Voted

Inline Feedbacks

View all comments

TheDoessler623

1 year ago

Hi.

Resources from “Get-AzPolicyStateSummary” are listed at the level of policy definitions and initiative level, not at the level of individual resources.

But have no time for more intensive research.

I’d make a point.

foreach ($result in $azState.Results)
{
    if ($result.InitiativeId -ne $null)
    {
        # Compliance für Initiatives
    }
    elseif ($result.PolicyDefinitionName -ne $null)
    {
        # Compliance für Policies
    }
}

Author

Dultus, UserMod Light

1 year ago

Reply to TheDoessler623

I’ve already tried with a filter;

$policyStates = Get-AzPolicyState -SubscriptionId $subscriptionId -Filter "IsCompliant eq false"
$nonCompliantPolicyInitiatives = $policyStates | Where-Object { $_.PolicySetDefinitionId -ne $null } | Select-Object -Unique PolicySetDefinitionId
$nonCompliantPolicies = $policyStates | Where-Object { $_.PolicyDefinitionId -ne $null } | Select-Object -Unique PolicyDefinitionId

Unfortunately leads to the “false values” mentioned.

TheDoessler623

1 year ago

Reply to Dultus, UserMod Light

Hmm ok, maybe I can help later

Author

Dultus, UserMod Light

1 year ago

Would of course be optimal.

Thank you.

Similar Posts