Hello Community, it is possible to define a Policy to find Ressources without Tags? I would like to define this Policy to list all of Items at the "Compliance" Point at the Policy Tab. I have looked at the Definitions but i cant find this scenario. Did someone build an Policy about this scenario? Or can someone help me to build this Policy? Thanks a lot. Regards, Phil

@PhilippGerber-6516 Welcome to Microsoft Q & A Community Forum. Here is a sample policy to list all the resources that have no tags. { "properties": { "displayName": "Checking existence of tags", "policyType": "Custom", "mode": "All", "parameters": {}, "policyRule": { "if": { "field": "tags", "exists": "false" }, "then": { "effect": "audit" } } } } Please 'Accept as answer' or Upvote if the given solution is helpful, so that it can help others in the community looking for help on similar topics.

Azure Policy - Find Ressources without Tags

Accepted answer

SwathiDhanwada-MSFT 17,726 Reputation points

2022-04-20T04:55:53.507+00:00
@PhilippGerber-6516 Welcome to Microsoft Q & A Community Forum. Here is a sample policy to list all the resources that have no tags.

{ "properties": { "displayName": "Checking existence of tags", "policyType": "Custom", "mode": "All", "parameters": {}, "policyRule": { "if": { "field": "tags", "exists": "false" }, "then": { "effect": "audit" } } } }

Please 'Accept as answer' or Upvote if the given solution is helpful, so that it can help others in the community looking for help on similar topics.
Please sign in to rate this answer.
Philipp Gerber 251 Reputation points

2022-04-20T05:57:21.923+00:00

@SwathiDhanwada-MSFT

Thanks for this Answer.
It works very nice .

it's easier than you think.

Edit:

How can i use this for ResourceGroups? To Find all Resourcegroups without an Tag?

Regards,
Phil

SwathiDhanwada-MSFT 17,726 Reputation points

2022-04-20T06:07:41.99+00:00

@PhilippGerber-6516 You can use below policy.

{ "properties": { "displayName": "Checking existence of tags", "policyType": "Custom", "mode": "All", "parameters": {}, "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Resources/subscriptions/resourceGroups" }, { "field": "tags", "exists": "false" } ] }, "then": { "effect": "audit" } } } }

Philipp Gerber 251 Reputation points

2022-04-20T06:11:36.067+00:00

I asked too quickly.
But then my code is correct with the ResourceGroup.

Many thanks.

SwathiDhanwada-MSFT 17,726 Reputation points

2022-04-20T06:38:14.773+00:00

@PhilippGerber-6516 Glad to know it has helped.

Philipp Gerber 251 Reputation points

2022-04-20T07:24:11.87+00:00

Sorry, but now another question has arisen:

What does the Json code have to be like for example if I require a tag when creating a resource group.

However, I would not like to specify a specific day, but creating a resource group is only possible if a tag is specified.

Thanks.

Philipp Gerber 251 Reputation points

2022-04-20T07:52:22.677+00:00

Okay.

Here is my Solution:

{ "mode": "All", "policyRule": { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Resources/subscriptions/resourceGroups" }, { "value": "[less(length(field('tags')), 1)]", "equals": "true" } ] }, "then": { "effect": "deny" } }, "parameters": {} }

This code can also be used for my first request.

There must be at least one tag.

Philipp Gerber 251 Reputation points

2022-04-20T09:22:48.637+00:00

A Short Feedback.

when i use this code i get resources which have been tagged before.

This means that if I remove the tag from a resource, it will still be displayed as Conform afterwards, even though it no longer has a tag.

My code below gives the correct output.

SwathiDhanwada-MSFT 17,726 Reputation points

2022-04-22T09:04:51.21+00:00

@PhilippGerber-6516 May I know if you have further questions which I can help with ?

Philipp Gerber 251 Reputation points

2022-04-22T11:56:26.053+00:00

@SwathiDhanwada-MSFT

Thanks for your help.

I have open a new question:

Maybe you can help me there:

https://learn.microsoft.com/en-us/answers/questions/821091/azure-policy-compare-the-resourcegroup-tag-with-th.html

Thanks
Regards,
Phil

Rafael Buranelo Biasotto 0 Reputation points

2023-05-09T17:44:24.5066667+00:00

I tried to create this policy but it is giving error

Rafael Buranelo Biasotto 0 Reputation points

2023-05-09T18:58:57.49+00:00

I applied the policy on my subscription, but it doesn't get all the resources without applying on the resource group. Is there a way to get the resources applying only to the subscription?
Sign in to comment

Azure Policy - Find Ressources without Tags

0 additional answers