Azure: Tag Resources with Resource Group Name
What it does
This Policy Template will scan all resources in an Azure Resource Manager Subscription, and will raise an incident if any resources are not properly tagged with their corresponding Resource Group name. When an incident is raised, the Policy escalation will execute Cloud Workflow to tag the resources with the correct Resource Group name.
- Azure Active Directory Application with the appropriate permissions to manage resources in the target subscription
- The following RightScale Credentials
- Follow steps to Create an Azure Active Directory Application
- Grant the Azure AD Application access to the necessary subscription(s)
- Retrieve the Application ID & Authentication Key
- Create RightScale Credentials with values that match the Application ID (Credential name:
AZURE_APPLICATION_ID) & Authentication Key (Credential name:
- Retrieve your Tenant ID
This policy has the following input parameters required when launching the policy.
- Azure AD Tenant ID - the Azure AD Tenant ID used for the Azure API Authentication
- Azure Subscription ID - the Azure Subscription ID used for the Azure API Authentication
- Tag Key - the tag key to scan on resources and to utilize when applying new/updated tags on resources
- Email addresses of the recipients you wish to notify - A list of email addresses to notify
The following policy actions are taken on any resources found to be out of compliance.
- An email is sent to the Email lists provided of the resources out of compliance
- Tag resources with the name of their Resource Group
- Azure Resource Manager
Note: Azure Classic (Azure Service Manager / ASM) resources are not supported by this Policy.
This Policy Template does not launch any instances, and so does not incur any cloud costs.