Automatic tagging resources in Azure

There are many possibilities why it is good to tag devices within Azure. You can use the tags for cost analysis, grouping of resources, adding some important information etc. This article gives some hint how you can create an automatic tagging feature to your Azure subscription if you want to tag resources based on their name.

The solution uses Azure policy to achieve this option.

In Azure it is possible to create different policies for different purposes. This is default in all cases. There are huge amount of built-in policy rules which can be either customized or can be used as it is.

In this example I will show you how you can create a custom rule to filter out resources based on their name and tag these resources with a specific tag.

1. Open Azure Policy on Azure portal
   
2. Open Definitions on the left side menu. Here you can see all built-in and custom rules.
   
3. Filter to the following rule: Append a tag and its value to resources. Use the name filter at the top of page.
   
4. Click on the rule to open it. This rule is tagging automatically all resources. This is a different behavior what we want, so we need to create a new one based on this rule. To achieve this, click to Duplicate definition button at the top of the page.
   
5. On the next screen fill out the form properly. Select the location (usually a subscription or a management group). Give some name and write some specific description. Category is fine as it is. The policy rule should be updated because the original rule is not proper for us.
   
6. For the rule, use the following JSON data:

   {
     "mode": "Indexed",
     "policyRule": {
       "if": {
           "allOf": [
               {
                   "field": "[concat('tags[', parameters('tagName'), ']')]",
                   "exists": "false"
               },
               {
                   "field": "name",
                   "contains":"[parameters('searchValue')]"
               }
           ]
       },
       "then": {
         "effect": "append",
         "details": [
           {
             "field": "[concat('tags[', parameters('tagName'), ']')]",
             "value": "[parameters('tagValue')]"
           }
         ]
       }
     },
     "parameters": {
       "tagName": {
         "type": "String",
         "metadata": {
           "displayName": "Tag Name",
           "description": "Configures the tag name for related resources"
         }
       },
       "tagValue": {
         "type": "String",
         "metadata": {
           "displayName": "Tag Value",
           "description": "Configuring the tag value for resources"
         }
       },
       "searchValue": {
         "type": "String",
         "metadata": {
           "displayName": "Search string of resource",
           "description": "The policy will find resources which name contains the content of this field"
         }
       }
     }
   }

    

7. After click to Save button, you can now filter your new custom rule within the rules.
   
8. Now you just need to Assign the rule to the subscription to make it active. Click to the rule to open it, and click to Assign button at the top of the rule
   
9. On the appearing page select the Scope, write some Assignment name and click to Next
   
10. Set the parameter values (Tag name, Tag value, Search string for resource). These values in my case: name="costanalysis", value="dynamics", search="dyn". This means that if a resource name contains "dyn" word, the policy is tagging the resource with "costanalysis=dynamics" tag. Click to Review + Create button. On last screen click to Create button again.
    
11. Now test. I am creating a new storage account which name contains "dyn" word.
    
12. When the deployment done and I open the resource, the tag is already there, so the solution is working.