Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ ARI Public

Azure Resource Inventory .NET Tool - Inventories and documents Azure Tenant resources

License

MIT license
32 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

devlead/ARI

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

544 Commits
.config
.config
 
 
.github
.github
 
 
build
build
 
 
icon
icon
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.cake
build.cake
 
 
global.json
global.json
 
 
nuget.config
nuget.config
 
 
renovate.json
renovate.json
 
 

Repository files navigation

ARI

Azure Resource Inventory .NET Tool - Inventories and documents Azure Tenant resources to a set of markdown files for specified tenant to a specified folder.

Obtain

dotnet tool install -g ari

Commands

Use -h / --help to get the current list of available commands and options.

ari --help
ari command --help

inventory

The inventory command inventories tenants and outputs it's result as markdown files to specified output path.

ari inventory <tenantId> <outputpath> [options]

Quick Start

Running ARI Successfully for the First Time

By default it'll try authenticate using the DefaultAzureCredential which tries to authorize in the following order based on your environment.

  1. EnvironmentCredential
  2. WorkloadIdentityCredential
  3. ManagedIdentityCredential
  4. SharedTokenCacheCredential
  5. VisualStudioCredential
  6. VisualStudioCodeCredential
  7. AzureCliCredential
  8. AzurePowerShellCredential
  9. AzureDeveloperCliCredential
  10. InteractiveBrowserCredential

Setup Azure App Registration

The recommended way is using a service principal with only the access required for it to document, you can do this by creating an app registration.

  1. Begin by creating an App Registration in Azure Entra for the report generator. This ensures that the report generator has precisely the required access, such as organization-wide read permissions or access to a limited set of subscriptions.
  2. Assign the API permission https://graph.microsoft.com/Organization.Read.All to the created App Registration.
  3. In my tenant, Admin consent is required for this permission.
  4. Add a role that allows the App Registration to read an organization. You can do this under Subscription management in Azure and Access Control (IAM). Add Role Assignment, find the App Registration and give it Read access.
  5. Assign a secret to the App Registration and make a note of this secret.

With the Azure App Registration now configured, we are ready to proceed.

Configure ARI for Execution

  1. Create a dedicated folder for the generated report.
  2. Set the environment variable AZURE_TENANT_ID to the tenant ID (found in the App Registration overview for your app).
  3. Set the environment variable AZURE_CLIENT_ID to the client ID (found in the App Registration overview for your app).
  4. Set the environment variable AZURE_CLIENT_SECRET to the secret noted earlier.
  5. Set the environment variable AZURE_AUTHORITY_HOST to https://login.microsoftonline.com/.

Run ARI

Assuming all the environment variables are correctly set, follow these steps:

dotnet tool install --global ARI
ari <AZURE_TENANT_ID> <FOLDER_FOR_REPORT>

By following these steps, you should be able to run ARI successfully for the first time. If you encounter any issues, double-check the Azure App Registration setup and ensure that the environment variables are accurately configured.

About

Azure Resource Inventory .NET Tool - Inventories and documents Azure Tenant resources

Resources

Readme

License

MIT license
Activity

Stars

32 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 37

2025.9.10.495 Latest
Sep 10, 2025
+ 36 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages