Forum Discussion

Phil123's avatar
Phil123
Brass Contributor
Apr 19, 2022

Azure Policy - Find Ressources without Tags

Hello Community,

 

it is possible to define a Policy to find Ressources without Tags?

I would like to define this Policy to list all of Items at the "Compliance" Point at the Policy Tab.

 

I have looked at the Definitions but i cant find this scenario.

 

Did someone build an Policy about this scenario?
Or can someone help me to build this Policy?

 

Thanks a lot.

 

Regards,
Phil

 

 

Azure Policy
  • pazdedav's avatar
    pazdedav
    Steel Contributor
    Apr 21, 2022

    Hi Phil123 

     

    I assume you are not looking for a particular tag key and/or values but you want the policy to audit all resources that have no tags.

     

    If that is true, then you are right, there isn't any built-in policy for that!

     

    I created a custom policy with indexed mode and used the following policy rule:

        "policyRule": {
      "if": {
        "field": "tags",
        "exists": "false"
      },
      "then": {
        "effect": "audit"
      }
    }
  },

    Based on my tests, it did show correctly all resources in my subscription, where I haven't applied any tags. Please try it out 🙂

  • BrooksV's avatar
    BrooksV
    Copper Contributor
    May 07, 2022

    Phil123 

    You can use a ARG (Azure Resource Graph) Queries. Here are three different queries:

    // To Find Subscription Missing Tags
resourcecontainers
| where type == "microsoft.resources/subscriptions"
    and isnull(tags) or tostring(tags) == '[]'

// To Find Resource Groups Missing Tags
resourcecontainers
| where type == "microsoft.resources/subscriptions/resourcegroups"
    and isnull(tags) or tostring(tags) == '[]'

// To Find Resources Missing Tags
resources
| where isnull(tags) or tostring(tags) == '[]'

Resources