Azure Policy - Find Ressources without Tags

Question

question

PhilippGerber-6516 asked Apr 19, '22 PhilippGerber-6516 commented Apr 22, '22

Azure Policy - Find Ressources without Tags

Hello Community,

it is possible to define a Policy to find Ressources without Tags?

I would like to define this Policy to list all of Items at the "Compliance" Point at the Policy Tab.

I have looked at the Definitions but i cant find this scenario.

Did someone build an Policy about this scenario?
Or can someone help me to build this Policy?

Thanks a lot.

Regards,
Phil

azure-policy

· 2

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Sam-Cogan · Apr 19 at 05:34 PM

Do you want to find all resources that have 0 tags, or resources that don't have a specific tag?

0 ·

PhilippGerber-6516 Sam-Cogan · Apr 19 at 05:47 PM

I want to find all Resources with 0 Tags.

And this with an azure Policy.

0 ·

Answer 1 · 2022-04-20T04:55:53.507Z

SwathiDhanwada-MSFT answered Apr 20, '22 PhilippGerber-6516 commented Apr 22, '22

@PhilippGerber-6516 Welcome to Microsoft Q & A Community Forum. Here is a sample policy to list all the resources that have no tags.

 {
   "properties": {
     "displayName": "Checking existence of tags",
     "policyType": "Custom",
     "mode": "All",
     "parameters": {},
     "policyRule": {
       "if": {
         "field": "tags",
         "exists": "false"
       },
       "then": {
         "effect": "audit"
       }
     }
   }
 }

Please 'Accept as answer' or Upvote if the given solution is helpful, so that it can help others in the community looking for help on similar topics.

· 9

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PhilippGerber-6516 · Apr 20 at 05:57 AM

@SwathiDhanwada-MSFT

Thanks for this Answer.
It works very nice .

it's easier than you think.

Edit:

How can i use this for ResourceGroups? To Find all Resourcegroups without an Tag?

Regards,
Phil

0 ·

SwathiDhanwada-MSFT PhilippGerber-6516 · Apr 20 at 06:07 AM

@PhilippGerber-6516 You can use below policy.

  {
    "properties": {
      "displayName": "Checking existence of tags",
      "policyType": "Custom",
      "mode": "All",
      "parameters": {},
      "policyRule": {
        "if": {
          "allOf": [
           {
             "field": "type",
             "equals": "Microsoft.Resources/subscriptions/resourceGroups"
           },
           {
             "field": "tags",
             "exists": "false"
           }
         ]
        },
        "then": {
          "effect": "audit"
        }
      }
    }
  }

1 ·

PhilippGerber-6516 SwathiDhanwada-MSFT · Apr 20 at 06:11 AM

I asked too quickly.
But then my code is correct with the ResourceGroup.

Many thanks.

0 ·

Show more comments

PhilippGerber-6516 · Apr 20 at 07:24 AM

Sorry, but now another question has arisen:

What does the Json code have to be like for example if I require a tag when creating a resource group.

However, I would not like to specify a specific day, but creating a resource group is only possible if a tag is specified.

Thanks.

0 ·

PhilippGerber-6516 PhilippGerber-6516 · Apr 20 at 07:52 AM

Okay.

Here is my Solution:

 {
     "mode": "All",
     "policyRule": {
       "if": {
         "allOf": [
           {
             "field": "type",
             "equals": "Microsoft.Resources/subscriptions/resourceGroups"
           },
           {
             "value": "[less(length(field('tags')), 1)]",
             "equals": "true"
           }
         ]
       },
       "then": {
         "effect": "deny"
       }
     },
     "parameters": {}
   }

This code can also be used for my first request.

There must be at least one tag.

1 ·

SwathiDhanwada-MSFT PhilippGerber-6516 · Apr 22 at 09:04 AM

@PhilippGerber-6516 May I know if you have further questions which I can help with ?

0 ·

Show more comments

question