Apr 19 2022 06:16 AM
Hello Community,
it is possible to define a Policy to find Ressources without Tags?
I would like to define this Policy to list all of Items at the "Compliance" Point at the Policy Tab.
I have looked at the Definitions but i cant find this scenario.
Did someone build an Policy about this scenario?
Or can someone help me to build this Policy?
Thanks a lot.
Regards,
Phil
Apr 21 2022 11:28 AM
Hi @Phil123
I assume you are not looking for a particular tag key and/or values but you want the policy to audit all resources that have no tags.
If that is true, then you are right, there isn't any built-in policy for that!
I created a custom policy with indexed mode and used the following policy rule:
"policyRule": {
"if": {
"field": "tags",
"exists": "false"
},
"then": {
"effect": "audit"
}
}
},
Based on my tests, it did show correctly all resources in my subscription, where I haven't applied any tags. Please try it out :)
May 07 2022 09:42 AM
@Phil123
You can use a ARG (Azure Resource Graph) Queries. Here are three different queries:
// To Find Subscription Missing Tags
resourcecontainers
| where type == "microsoft.resources/subscriptions"
and isnull(tags) or tostring(tags) == '[]'
// To Find Resource Groups Missing Tags
resourcecontainers
| where type == "microsoft.resources/subscriptions/resourcegroups"
and isnull(tags) or tostring(tags) == '[]'
// To Find Resources Missing Tags
resources
| where isnull(tags) or tostring(tags) == '[]'