Azure tag automation using an Initiative definition. In Cloud, Tags are metadata values that contain keys and values to help users organize and bring governance to cloud resources. Tagging is essential because it helps to efficiently optimize costs across cloud providers by assigning useful information to any resource within your cloud infrastructure. It also helps to group the resources based on application or business. In Azure, each resource, resource group, and subscription can have a maximum of 50 tag name/value pairs. The tag name is limited to 512 characters, and the tag value is limited to 256 characters. For storage accounts, the tag name is limited to 128 characters, and the tag value is limited to 256 characters.
Our Approach :
For each resource deployment, we can pass the standard tags but at some point, it will become painful since we might need to pass the value for more than 10 tags for each resource deployment. How to overcome this pain area? Here are a few tricks that can be followed in your subscriptions.
- Create a resource group with mandatory tags
- Apply subscription level policy to inherit missing tags from the resource group – If you have only one or two tags.
- If you have multiple tags, use the policy initiative
Option -1 : Definiation tag inheritance:
If you need to manage one or two tags, use azure policy to update tags automatically by inheriting them from the resource group.
- Login to Azure portal with contributor access.
2. Navigate to Policy (Search policy in the top search bar)
3. Navigate to definition and in the search bar, just type “inherit“. Select the highlighted policy to automatically inherit the tag from resource group.
4. Update the assignment name and select the scope as your subscription.
5. Update the tag which needs to be inherited from resource group.
6. Would you like to remediate the existing resources ? So that the defined tag will inherited from resource group and applied to all the resources.
7. Review and create the policy definition.
Option – 2: Policy Initiative definition
If you are using more than one tag, use policy initiative. Policy initiative is a collection of Azure policy definitions that are grouped together towards a specific goal or purpose in mind. Azure initiatives simplify the management of your policies by grouping a set of policies together as one single item.
How to create an initiative definition?
Azure tag automation using policy initiative definition.
1.Login to Azure portal and navigate to policy.
2. Click on definition and on the top click “initiative definition“. Enter the new initiative definition name
3. Add the policy definition to initiative definition.
4. Repeat step number 3 based on your requirement. In my case, I want to inherit 4 tags from the resource group. So I had repeated them 4 times.
5. Add the tag values which needs to be inherited from resource group.
6. Review and create initiative definition.
7. We could see the newly created initiative definition in policy.
Assign the initiative to the subscription:
- Click the newly created initiative definition.
2. Select the subscription and click review & create. Policy will be applied with immediate effect.
Test the initiative definition:
- Here is the resource group which created with standard tags.
2. Let’s create a new resource without passing the tags.
3. Here is the new storage account and we could see that tags are automatically inherited from the resource group. This would really save a lot of time and bring some consistency around the tags for sure.
Hope this article is informative to you.