Question 104724 in Azure Question posted in
The official documentation to get you started can be found here.

Azure – My Powershell script is not explicitly calling for any specific resources but I am getting "ErrorCode: TargetResourceNotFound" error

My Powershell script is not explicitly calling for any specific resources but I am getting "ErrorCode: TargetResourceNotFound" error. I have attached the error in the image. What am I missing?

$subs = Get-AzSubscription | Where-Object {$_.Name -like "*-NonProd"}
foreach ($sub in $subs)
{
Select-AzSubscription -SubscriptionId $sub.Id
$RGs = Get-AzResourceGroup | Where-Object {$_.ResourceGroupName -like "*Infra"} 
foreach ($RG in $RGs)
{
$NetworkWatchers = Get-AzNetworkWatcher
$NSGs = (Get-AzNetworkSecurityGroup).Id 
foreach ($NSG in $NSGs)
{
       foreach ($NetworkWatcher in $NetworkWatchers)
{ 
       $Status = Get-AzNetworkWatcherFlowLogStatus -NetworkWatcherName $NetworkWatcher.Name 
ResourceGroupName $RG.ResourceGroupName -TargetResourceId $NSG -Verbose
}
     if (($Status).Enabled -eq $true)
{
     Write-Output  "$NSG in $(($sub).Name) has FlowLogs Enabled" | Tee-Object -FilePath 'C:Usersuser1downloadsOutput.txt'  -Verbose -Append
}
     if (($Status).Enabled -ne $true)
{ 
    Write-Output  "$NSG in $(($sub).Name) does not have FlowLogs Enabled" | Tee-Object -FilePath 'C:Usersuser1downloadsOutput.txt'  -Verbose -Append 
   }
  }
 }
}

enter code here

Error Attached

enter image description here

Tags:

3

Answers


  1. Chosen as BEST ANSWER
    0

    I appreciate your assistance. I got it working by changing -NetworkWatcherName $NetworkWatcher.Name to -NetworkWatcherName $NetworkWatcher.ResourceGroupName

        foreach ($NSG in $NSGs)
    {
        # $NSG.Id
        # $NSGid = $NSG.Id
        foreach ($NetworkWatcher in $NetworkWatchers)
        { 
            $Status = Get-AzNetworkWatcherFlowLogStatus -NetworkWatcherName $NetworkWatcher.ResourceGroupName -ResourceGroupName $RG.ResourceGroupName -TargetResourceId $NSG -Verbose -ErrorAction SilentlyContinue
            if (($Status).Enabled -eq $true)
            {
               Write-Output  "$NSG in $(($sub).Name) has FlowLogs Enabled" | Tee-Object -FilePath 'C:UsersA240379downloadsOutEnabled.csv'  -Verbose -Append

            }
            if (($Status).Enabled -ne $true)
            { 
                Write-Output  "$NSG in $(($sub).Name) does not have FlowLogs Enabled" | Tee-Object -FilePath 'C:UsersA240379downloadsOutNotEnabled.csv'  -Verbose -Append 

            }

        }

    }

  2. 0

    Network Watchers are usually in a hidden resource group, and perhaps you are trying to find one in one of the available RGs. Try omitting the RG factor and use

    $subs = Get-AzSubscription | Where-Object { $_.Name -like "*-NonProd" }
foreach ($sub in $subs) {
    Select-AzSubscription -SubscriptionId $sub.Id
    $NetworkWatchers = Get-AzNetworkWatcher
    $NSGs = (Get-AzNetworkSecurityGroup).Id 
    foreach ($NSG in $NSGs) {
        foreach ($NetworkWatcher in $NetworkWatchers) { 
 
            $Status = Get-AzNetworkWatcherFlowLogStatus -NetworkWatcher $NetworkWatcher -TargetResourceId $NSG -Verbose
        }
        if (($Status).Enabled -eq $true) {
            Write-Output  "$NSG in $(($sub).Name) has FlowLogs Enabled" | Tee-Object -FilePath 'C:Usersuser1downloadsOutput.txt'  -Verbose -Append
        }
        if (($Status).Enabled -ne $true) { 
            Write-Output  "$NSG in $(($sub).Name) does not have FlowLogs Enabled" | Tee-Object -FilePath 'C:Usersuser1downloadsOutput.txt'  -Verbose -Append 
        }
    }
   
}

    I am able to get all flow logs configuration status.

    Login or Signup to reply.
  3. 0

    Here is another approach:

    I tried to reproduce the same in my environment and got the same error as below:

    enter image description here

    The error TargetResourceNotFound usually occurs if you are passing invalid resource group name or subscription name.

    To confirm whether the resource group or subscription exists, execute the below code lines separately like below:

    $subs = Get-AzSubscription | Where-Object {$_.Name -like "*-name"}
$subs

$RGs = Get-AzResourceGroup | Where-Object {$_.ResourceGroupName -like "*name"} 
$RGs

    enter image description here

    The error states that Target resource identifier /subscriptions/subid/resourceGroups/RG/providers/Microsoft.Network/networkWatchers/*** not found in the region westeurope. Cross-verify whether the Network Watcher exists.

    I am able to get the status of the Network Watcher successfully when I passed valid subscription and Resource group like below:

    If the error still persists, try excluding the $RGs = Get-AzResourceGroup | Where-Object {$_.ResourceGroupName -like "*name"} and execute.

    ![enter image description here](https://i.imgur.com/NcS3dvH.png)

    enter image description here

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search