Using Azure tags to improve resources organization
Hello, most of companies are happy because they have a “world class” infrastructure, but they under-estimate the organization of their resources in Azure. Because of this, a lot of easy tasks such us tracking become hard, just because they did not organize their resources.
If one day I ask you to list all the critical resources that you’ve created, will you manually note them using a pen and an agenda ? Yes, it’s a way to do, but how much time will you spend just to realize such a simple task (Don’t you have a “world class” infrastructure ?) ? What if I ask you to find all the resources created by a user ? How do you purge the temporary resources ?.
Azure resources tagging allows you to assign a kind of metadata to a resource. Then, you can find all the resources that have the same tag !
- What is a tag ?
A tag is a Key/Value pair. It can be applied to the resource groups or Directly on the resources. It is searchable so it can be used to find resources or resource groups using Powershell or Azure Portal …
Using the PowerShell command
(Get-AzResource -Tag @{ Environment="Dev"}).NameIt will return all the resources that contain the Dev tag (without using any pen or agenda). You can separate costs based on a tag name, so the tags in Azure may be useful for billing information.
- Tags and automation : Temporary resources use case
Tags can be useful for the automation. Imagine that you have some temporary resources. You can apply a “Time To Live” Tag.
In this use case, I will create a storage account with a “Time To Live” Tag, if the TTL exceeded, the storage account should be automatically deleted.
Using a PowerShell script, you can automate the deletion of all the temporary resources by finding them using their “TTL” tag.
This ARM Template will create a Storage Account with two tags. The creation date and the time to live.
Note : the creation date may be useful if you want to find all the resources created on the same day.
Now if we want to remove all the expired resources, we just have to run the script :
This script will find all the resources that contain a “TTL” tag, it will compare the current date with the creation one. If the difference between them is greater than the TTL so we remove the resource.
Using these tags, it will be easier for you to purge the old resources.
- Common tags
Environment : The environment which may be sandbox, dev or prod …
CreatedBy : The person who creates the resource.
CreationDate : When the resource has been created.
Time To Live : If it is a temporary resource, how much time it must live.
Criticality : The importance of the resource.
- How to automatically add tags : CreatedBy use case
Some tags (like the Time To Live, Criticality or createdDate) may be added on creation using ARM Templates.
Other tags like “CreatedBy” must be added automatically without any human intervention. Is that possible ? Yes !
We will need :
- Activity Logs;
- Automation Account.
The idea is to create a scheduled runbook. It will turn every night, every week or every 14 days (It’s up to you to decide). It will get all the untagged resources and apply the “CreatedBy” tag.
This script will get all the resources and for every untagged one, it will apply a “createdBy” Tag.
The idea is to turn this script inside a scheduled runbook.
Note : this script is just a V1, you can optimize it.
Now if I ask you for all the resources created by the user “charotamine@outlook.fr”, you just have to check the tag and it will return all the resources across all the resource groups !
Nice ha ? Better than a pen and an agenda !
ciao !
