Remove old Azure resources based on tags
Introduction
Many companies have big infrastructures, but often overlook the organization of their resources in Azure. This oversight can make simple tasks, such as tracking, unnecessarily complicated just because resources weren't properly organized.
With Azure resource tagging, you can assign metadata to your resources, making it easy to filter and locate resources that share the same tag!
This script has been forked and updated from: Using Azure tags to improve resources organization | by Amine Charot | Charot | Medium
What is a tag?
A tag is a key/value pair. It can be applied to resource groups or directly to resources. Tags are searchable, so they can be used to find resources or resource groups using PowerShell or the Azure Portal …
Microsoft official documentation is available here: Tag resources, resource groups, and subscriptions for logical organization - Azure Resource Manager | Microsoft Learn
Using the PowerShell command:
(Get-AzResource -Tag @{ Environment = "PROD" }).Name
It will return the names of all the resources whose Environment tag is set to PROD. You can separate costs based on a tag name, so the tags in Azure may be useful for billing information.
Common tags
Environment: The environment, which may be sandbox, dev or prod …
CreatedBy: The person who creates the resource.
CreationDate: When the resource has been created.
Time To Live: If it is a temporary resource, how much time it must live.
Criticality: The importance of the resource.
Note: The creation date may be useful if you want to find all the resources created on the same day.
Temporary resources use case
Tags can be incredibly useful for automation. For example, if you have temporary resources, you can apply a "Time To Live" (TTL) tag to them.
In this scenario, you can create a storage account and assign it a "Time To Live" tag. Once the TTL is exceeded, the storage account can be automatically deleted.
In this case, the CreationDate tag date format is: dd-MM-yy
By using a PowerShell script, you can automate the process of finding and deleting all temporary resources based on their "TTL" tag.
This script finds all the resources that carry a “TTL” tag and compares the current date with the creation date. If the difference between them is greater than the TTL, the resource is removed.
Using these tags, it will be easier for you to purge the old resources.
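Now if we want to remove all the expired resources, we just have to run the script:
# Resources that carry a "TTL" tag (Tags is $null on resources without any tag)
$resources = Get-AzResource | Where-Object { $_.Tags.Keys -contains "TTL" }
# Keep the current date as a DateTime (midnight today), not as a formatted string
$currentDate = (Get-Date).Date
$resources.ForEach{
    # CreationDate is stored as dd-MM-yy; parse it explicitly so the result does not depend on the host culture
    $creationDate = [datetime]::ParseExact($PSItem.Tags["CreationDate"], "dd-MM-yy", [cultureinfo]::InvariantCulture)
    $days = (New-TimeSpan -Start $creationDate -End $currentDate).Days
    # Tag values are strings, so convert the TTL (in days) to a number before subtracting
    $difDays = [int]$PSItem.Tags["TTL"] - $days
    if ($difDays -le 0)
    {
        $resourceName = $PSItem.Name
        Write-Output "Remove the resource $resourceName"
        Remove-AzResource -ResourceId $PSItem.ResourceId -Force
    }
}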
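The same expiry check with tag validation and a dry run, as an added example that is not part of the original script. The helper name Get-TtlVerdict, the verdict labels and the sample objects are hypothetical and constructed for illustration; a missing or malformed CreationDate or TTL makes the resource a skip, never a deletion.

```powershell
# Added example, not the original script. Get-TtlVerdict is a hypothetical helper
# that classifies one resource without calling Azure.
function Get-TtlVerdict {
    param([Parameter(Mandatory)] $Resource, [datetime] $Today = (Get-Date).Date)
    $tags = $Resource.Tags
    $invariant = [cultureinfo]::InvariantCulture
    $noStyle = [System.Globalization.DateTimeStyles]::None
    $created = [datetime]::MinValue
    $ttl = 0
    if (-not $tags -or -not $tags.ContainsKey('TTL')) {
        $verdict = 'NoTtl'
    }
    elseif (-not [datetime]::TryParseExact([string]$tags['CreationDate'], 'dd-MM-yy', $invariant, $noStyle, [ref]$created)) {
        $verdict = 'BadCreationDate'   # missing, or not in the dd-MM-yy format
    }
    elseif (-not [int]::TryParse([string]$tags['TTL'], [ref]$ttl) -or $ttl -lt 0) {
        $verdict = 'BadTtl'            # not a whole, non-negative number of days
    }
    elseif ($created -gt $Today) {
        $verdict = 'FutureCreationDate'
    }
    elseif (($Today - $created).Days -ge $ttl) {
        $verdict = 'Expired'           # same condition as the script: TTL - days <= 0
    }
    else {
        $verdict = 'Keep'
    }
    [pscustomobject]@{ Name = $Resource.Name; ResourceId = $Resource.ResourceId; Verdict = $verdict }
}

# Constructed sample objects shaped like Get-AzResource output (names and ids are made up).
$today = [datetime]::new(2024, 3, 15)
$sample = @(
    [pscustomobject]@{ Name = 'tmpstorage01'; ResourceId = 'sample-id-1'; Tags = @{ TTL = '7'; CreationDate = '01-03-24' } }
    [pscustomobject]@{ Name = 'tmpvm02'; ResourceId = 'sample-id-2'; Tags = @{ TTL = '30'; CreationDate = '10-03-24' } }
    [pscustomobject]@{ Name = 'tmpdb03'; ResourceId = 'sample-id-3'; Tags = @{ TTL = 'soon'; CreationDate = '10-03-24' } }
    [pscustomobject]@{ Name = 'tmpapp04'; ResourceId = 'sample-id-4'; Tags = @{ TTL = '7'; CreationDate = '2024/03/01' } }
    [pscustomobject]@{ Name = 'prodsql05'; ResourceId = 'sample-id-5'; Tags = $null }
)
$sample | ForEach-Object { Get-TtlVerdict -Resource $_ -Today $today } | Format-Table Name, Verdict

# Against a subscription: keep only 'Expired' and preview the deletions with -WhatIf.
# Get-AzResource | ForEach-Object { Get-TtlVerdict -Resource $_ } |
#     Where-Object Verdict -eq 'Expired' |
#     ForEach-Object { Remove-AzResource -ResourceId $_.ResourceId -Force -WhatIf }
```

Remove -WhatIf only after the list of 'Expired' resources has been reviewed; the other verdicts point at tags that need fixing before the purge can judge those resources.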
Automatically add tag CreatedBy use case
Some tags (like the Time To Live, Criticality or CreationDate) may be added on creation.
For untagged or legacy resources, a missing “CreatedBy” tag can be added automatically using a script.
This script will get all the resources and for every untagged one, it will apply a “CreatedBy” Tag.
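$resources = Get-AzResource

# $cnt selects which 7-day window of the activity log to search; 0 means the most recent 7 days
$cnt = 0
$currentTime = Get-Date
$endTime = $currentTime.AddDays(-7 * $cnt)
$startTime = $endTime.AddDays(-7)

$resources.ForEach{
    # Tags is $null on a resource that has no tags at all, so check before looking up the key
    if ($null -eq $PSItem.Tags -or -not $PSItem.Tags.ContainsKey("CreatedBy"))
    {
        # Several callers may have written to the resource; keep the one with the most write operations
        $owner = Get-AzLog -ResourceId $PSItem.ResourceId -StartTime $startTime -EndTime $endTime |
            Where-Object { $_.Authorization.Action -like "*/write*" } |
            Select-Object -ExpandProperty Caller |
            Group-Object |
            Sort-Object -Property Count -Descending |
            Select-Object -First 1 -ExpandProperty Name
        # Skip the resource when the activity log has no write event in the window
        if ($owner)
        {
            # Copy the existing tags so that they are kept alongside CreatedBy
            $tags = @{}
            if ($PSItem.Tags) { foreach ($key in $PSItem.Tags.Keys) { $tags[$key] = $PSItem.Tags[$key] } }
            $tags["CreatedBy"] = $owner
            Set-AzResource -ResourceId $PSItem.ResourceId -Tag $tags -Force
        }
    }
}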
Enjoy!