Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
A cloud-native solution that protects workloads across hybrid and multi-cloud environments with threat detection and security recommendations
Defender for Cloud Asset Inventory shows only 1 resource — Foundational CSPM enabled but discovery not populating
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 0%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELD%3C/text%3E%3C/svg%3E)
LC-Developer
0
Reputation points
I have Foundational CSPM enabled on an Azure subscription with approximately 28 resources, but the Defender for Cloud Inventory page only displays 1 resource (an auto-created Log Analytics workspace). I'd like help getting discovery to populate the full inventory.
Configuration confirmed via az security pricing list:
- FoundationalCspm —
pricingTier: Standard(enabled) - Discovery —
pricingTier: Standard(enabled) - All other Defender plans —
Free(intentionally not enabled at this time) -
freeTrialRemainingTimeon FoundationalCspm is0:00:00, confirming the plan has been enabled for an extended period
Resources in the subscription confirmed via Azure Resource Graph (az graph query): 28 resources, including multiple App Services, an App Service plan, a PostgreSQL flex server, a storage account, a VNet, and supporting infrastructure. All resources are in a single resource group in Canada Central.
Expected: Per Microsoft Learn documentation, Asset Inventory should list all assessable Azure resources within minutes of enabling Foundational CSPM.
Actual:
- Defender for Cloud → Inventory shows
Total resources: 1— only the auto-createdDefaultWorkspace-...Log Analytics workspace - All Inventory filters set to "All" (Subscription, Resource type, Resource group, Environment)
- Recommendations page also empty across all resources
- Behavior has persisted; this is not a "just enabled, scan hasn't run yet" situation
Already tried:
- Confirmed all UI filters are cleared
- Confirmed correct subscription scope
- Verified resources exist via Resource Graph (returns full list of 28)
- Confirmed pricing tier via Azure CLI as noted above
Looking for:
- Guidance on forcing CSPM policy-based discovery to re-initialize
- Or a root-cause diagnosis for why discovery isn't enumerating resources
Happy to share subscription ID and additional config detail privately if an engineer engages on the post.
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(220.8, 92%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESM%3C/text%3E%3C/svg%3E)
Sridevi Machavarapu 32,000 Reputation points Microsoft External Staff Moderator2026-06-04T15:30:57.2666667+00:00 Hello LC-Developer,
Thanks for the detailed information.
Since Foundational CSPM and Discovery are enabled and the resources are visible in Azure Resource Graph, the Inventory page would normally show supported resources.
Could you please share:
- Subscription ID (in
Private messagestab) - Screenshots of:
- Defender for Cloud > Inventory
- Defender for Cloud > Environment settings
- Output of:
az security pricing list - Whether any resources appear under Recommendations or if the issue is limited to Inventory
There isn't a documented way to manually trigger Asset Inventory discovery. The information above will help determine whether this is related to onboarding, policy assignment, resource eligibility, or a service-side issue.
- Subscription ID (in
-
LC-Developer 0 Reputation points
2026-06-05T01:58:07.7733333+00:00 Thank you! Private message has been sent.
Sign in to comment
Sign in to answer