Update : updated script to support Azure Az powershell module.
In my previous blog, I talked about benefits of tagging and how to tag resource groups using powershell. A script was also provided with some standard example tags – like, Environment, Budget Category, Application etc. Let’s keep on working on the same situation like last blog. We have hundreds of resource groups and each resource group has one more resources associated with it. We already tagged the resource groups and now planning to tag those resources (whatever, resource can accept tags. Not all Azure resource type can be tagged.).
Again, Azure Resource Manager Policy should be our first choice of method as it is the best way to keep those resources compliant for tags. However, as I did in the previous blog, I will use Powershell to tag resources. This time, I am not using a csv file as input. It will be too much to parse through such a huge number of rows and tag based on those.It can be done, but, this time I decided to use the tags associated with resource groups will be applied to Azure resources with in that resource group. I am assuming, all resources with in the resource group are deployed for same Environment, Application , Department or Budget Category etc. as the resource group.
I think, we have enough context. Let’s start scripting.
Make sure you have Azure Az Module installed and imported on the system before running this script. For more information on how to install and configure Az module refer following article : https://docs.microsoft.com/en-us/powershell/azure/new-azureps-module-az?view=azps-5.5.0
First, login to your Azure account with Login-AzAccount in Powershell console. Enter your credentials when prompted.
Now, the script run Get-AzResourceGroup on the subscription you have set your context and running through a loop. In every iteration, it gets resource group name and all the associated tags with the resource group. After that, it finds all resources within the resource group with Get-AzResource. Loop through each resource and checks if it already has those tags. If it does not have those tags already, script will apply those missing tags taken from the resource group. Here is the complete script do these all.
Get-AzResourceGroup | Select-Object ResourceGroupName,Tags | ForEach-Object{
$rgName = $rgTags = $null
$rgName = $_.ResourceGroupName
$rgTags = $_.Tags
Get-AzResource -ResourceGroupName $rgName | Select-Object Name,Tags,ResourceId | ForEach-Object{
$resName = $resTags = $resId = $null
$resName = $_.Name
$resTags = $_.Tags
$resId = $_.ResourceId
if([String]::IsNullOrEmpty($resTags)){
$resTags = @{}
if($rgTags.Keys -contains "TeamName"){$resTags.Add("TeamName", $rgTags.TeamName)}
if($rgTags.Keys -contains "BudgetCategory"){$resTags.Add("BudgetCategory", $rgTags.BudgetCategory)}
if($rgTags.Keys -contains "Program"){$resTags.Add("Program", $rgTags.Program)}
if($rgTags.Keys -contains "Environment"){$resTags.Add("Environment", $rgTags.Environment)}
if($rgTags.Keys -contains "Department"){$resTags.Add("Department", $rgTags.Department)}
}
else{
if($resTags.Keys -notcontains "TeamName"){
if($rgTags.Keys -contains "TeamName"){
$resTags.Add("TeamName", $rgTags.TeamName)
}
}
if($resTags.Keys -notcontains "BudgetCategory"){
if($rgTags.Keys -contains "BudgetCategory"){
$resTags.Add("BudgetCategory", $rgTags.BudgetCategory)
}
}
if($resTags.Keys -notcontains "Program"){
if($rgTags.Keys -contains "Program"){
$resTags.Add("Program", $rgTags.Program)
}
}
if($resTags.Keys -notcontains "Environment"){
if($rgTags.Keys -contains "Environment"){
$resTags.Add("Environment", $rgTags.Environment)
}
}
if($resTags.Keys -notcontains "Department"){
if($rgTags.Keys -contains "Department"){
$resTags.Add("Department", $rgTags.Department)
}
}
}
Set-AzResource -Tag $resTags -ResourceId $resId -Force
}
}That’s it! Now you have applied tags to all resources which can be tagged. In case you are either not interested to tag resources in every resource group or just want to do it in parts, you can create a file containing all those target resource groups and run a loop through it like Get-AzResourceGroup -ResourceGroupName <name of resource group>.