I am working on a project with a sizeable Azure footprint, with over 600 subscriptions and thousands of resource groups.
I would like to understand how the infrastructure has been deployed, rather than the what, i.e. has it been done manually or through IaC?
I have thought of some ideas to do this, but none have been scalable or gathered great results. My work so far has been:
- Extract resources from KQL and then query the activity log for the creator to determine if it was a named user or service account -> this was slow and did not work too well as the activity logs only lasted for 90 days
- Manually search for the resource names in our source code repository and map this back to a variable file where it has been built by IaC -> again, this is slow and does not really scale
Have you had any experience with this? Do you have an approach or a tool which you could recommend to help me along with this problem?
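
An added example, not part of the original post: a sketch of the first approach, classifying each resource by the identity behind its earliest successful write and marking resources with no surviving log entry separately, so the 90-day retention gap is visible rather than silently miscounted. The record shape (`caller`, `operation`, `resourceId`, `timestamp`, `status`) is an assumed flattened export, and all sample data is constructed; a service principal caller is only a hint of automation, since IaC run under a personal login still shows up as a user.

```python
import re

GUID = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

def classify_caller(caller):
    """Heuristic: UPN-style caller -> named user; GUID caller -> service principal."""
    if caller and "@" in caller:
        return "user"
    if caller and GUID.match(caller):
        return "service_principal"
    return "unknown"

def first_writer(events):
    """Map each resource ID (lower-cased) to the caller of its earliest successful write."""
    first = {}
    for e in sorted(events, key=lambda e: e["timestamp"]):
        if e["status"] != "Succeeded" or not e["operation"].lower().endswith("/write"):
            continue
        first.setdefault(e["resourceId"].lower(), e["caller"])
    return first

def classify_inventory(resource_ids, events):
    """Label every inventoried resource; resources absent from the log stay distinct."""
    writers = first_writer(events)
    result = {}
    for rid in resource_ids:
        caller = writers.get(rid.lower())  # Azure resource IDs are case-insensitive
        result[rid] = classify_caller(caller) if caller else "no_log_evidence"
    return result

# Constructed sample data (placeholder subscription ID, names and callers).
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups"
SP = "11111111-2222-3333-4444-555555555555"
INVENTORY = [
    SUB + "/rg-app/providers/Microsoft.Storage/storageAccounts/stapp01",
    SUB + "/rg-app/providers/Microsoft.Network/virtualNetworks/vnet-app",
    SUB + "/rg-old/providers/Microsoft.Compute/virtualMachines/vm-legacy",
]
EVENTS = [
    {"timestamp": "2024-05-10T09:00:00Z", "caller": "bob@example.com", "status": "Succeeded",
     "operation": "Microsoft.Storage/storageAccounts/write", "resourceId": INVENTORY[0]},
    {"timestamp": "2024-05-01T08:00:00Z", "caller": SP, "status": "Succeeded",
     "operation": "Microsoft.Storage/storageAccounts/write", "resourceId": INVENTORY[0]},
    {"timestamp": "2024-04-01T10:00:00Z", "caller": SP, "status": "Failed",
     "operation": "Microsoft.Network/virtualNetworks/write", "resourceId": INVENTORY[1]},
    {"timestamp": "2024-04-02T10:00:00Z", "caller": "alice@example.com", "status": "Succeeded",
     "operation": "Microsoft.Network/virtualNetworks/write", "resourceId": INVENTORY[1].lower()},
]

if __name__ == "__main__":
    for rid, label in classify_inventory(INVENTORY, EVENTS).items():
        print(f"{label:18} {rid.rsplit('/', 1)[-1]}")
```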