Tagging Azure Resources

Tagging Azure Resources

Tag Limits

  • Not all resource types support tags. This means that you will not be able to apply tags to everything in Azure.
  • A resource or resource group is limited to 15 tags. Each resource can have different tags.
  • Tag names cannot exceed 512 characters. For storage accounts, tag names are limited to 128 characters.
  • Tag values cannot exceed 256 characters.
  • VMs cannot exceed 2048 characters for all tag names and values combined.
  • Tags are not inherited by child resources. Tags applied to a resource group are not applied to resources in that resource group.
  • Tags cannot be applied to classic resources and are only available for resources created in the Resource Manager model.
  • Tag names cannot contain the following characters: <, >, %, &, \, ?, /

Tagging Resources

To apply tags to a resource group or a resource, the  user applying the tag must have write access to the resource (Contributor role or higher access).

To apply a tag to a resource group and resource with no existing tags with PowerShell 

Set-AzResourceGroup -Name Lab -Tag @{ Department=”IT”; Environment=”Dev” }

$resource = Get-AzResource -ResourceName PDC -ResourceGroupName Lab
Set-AzResource -Tag @{ Department=”IT”; Environment=”Dev” } -ResourceId $resource.ResourceId -Force

image

imageApplying tags to a resource group and resource with existing tags

$tags = (Get-AzResourceGroup -Name Lab).Tags
$tags.Add(“Owner”, “admin@secops.one”)
Set-AzResourceGroup -Tag $tags -Name Lab

$resource = Get-AzResource -ResourceName PDC -ResourceGroupName Lab
$resource.Tags.Add(“Owner”, “admin@secops.one”)
Set-AzResource -Tag $resource.Tags -ResourceId $resource.ResourceId -Force

imageRetrieve all the resource groups and resources with a specific tag

(Get-AzResourceGroup –Tag  { Owner=”admin@secops.one” }).ResourceGroupName

(Get-AzResource -Tag @{ Owner=”admin@secops.one” }).Name

imageRetrieve resources based on a tag name not a value

(Get-AzResource -TagName Department).Name

To remove tags from an existing resource, pass an empty hash table

Set-AzResourceGroup -Tag @{} -Name Lab

Set-AzResourceGroup -Tag @{} -ResourceName PDC

Comments are closed.