Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PSRule] Fix Rule Azure.Resource.UseTags #2666

Closed
2 tasks done
Tracked by #2151
fabmas opened this issue Feb 7, 2023 · 2 comments · Fixed by #2860
Closed
2 tasks done
Tracked by #2151

[PSRule] Fix Rule Azure.Resource.UseTags #2666

fabmas opened this issue Feb 7, 2023 · 2 comments · Fixed by #2860
Assignees
@fabmas @elbatane @elanzel
Labels
[cat] modules category: modules enhancement New feature or request

Comments

@fabmas
Copy link
Member

fabmas commented Feb 7, 2023
edited
Loading

Rule Azure.Resource.UseTags

Error example: Error: AZR-000166: ***splhcom001 failed Azure.Resource.UseTags. Azure resources should be tagged using a standard convention.
There are no modules where we need to add tags support. So the 2 scenarios are:

  • resource supporting tags but tags not used in test files

  • Azure resource not supporting tags

  • Add tags with values in test files for the following modules:
    Microsoft.Compute/availabilitySets
    Microsoft.Compute/diskEncryptionSets
    Microsoft.Compute/disks
    Microsoft.Compute/galleries
    Microsoft.Compute/virtualMachines
    Microsoft.Compute/virtualMachineScaleSets
    Microsoft.ContainerInstance/containerGroups
    Microsoft.DataProtection/backupVaults
    Microsoft.HealthBot/healthBots
    microsoft.insights/actionGroups
    Microsoft.Insights/activityLogAlerts
    Microsoft.Insights/components
    Microsoft.Insights/metricAlerts
    microsoft.insights/privateLinkScopes
    Microsoft.Insights/scheduledQueryRules
    Microsoft.Network/ApplicationGatewayWebApplicationFirewallPolicies
    Microsoft.Network/applicationSecurityGroups
    Microsoft.Network/connections
    Microsoft.Network/ddosProtectionPlans
    Microsoft.Network/dnsResolvers
    Microsoft.Network/firewallPolicies
    Microsoft.Network/ipGroups
    Microsoft.Network/loadBalancers
    Microsoft.Network/localNetworkGateways
    Microsoft.Network/networkInterfaces
    Microsoft.Network/networkManagers
    Microsoft.Network/networkWatchers
    Microsoft.Network/privateDnsZones
    Microsoft.Network/privateEndpoints
    Microsoft.Network/privateLinkServices
    Microsoft.Network/publicIPPrefixes
    Microsoft.Network/routeTables
    Microsoft.Network/virtualHubs
    Microsoft.Network/virtualNetworks
    Microsoft.Network/virtualWans
    Microsoft.Network/vpnGateways
    Microsoft.Resources/deploymentScripts
    Microsoft.Resources/resourceGroups
    Microsoft.ServiceFabric/clusters
    Microsoft.SignalRService/webPubSub
    Microsoft.Sql/servers
    Microsoft.Storage/storageAccounts
    Microsoft.Synapse/privateLinkHubs
    Microsoft.VirtualMachineImages/imageTemplates
    Microsoft.Web/connections
    Microsoft.Web/staticSites
    https://github.com/Azure/ResourceModules/pull/2241/files can be used as a reference, the following code needs to be added:

  tags: {
      Environment: 'Non-Prod'
      Role: 'DeploymentValidation'    ----> there is no standard with TAGS, should we standardize?
    }

Examples of other found tags:
tags: {      purpose: 'test'    }

  • Add resource or file path to exclusion because tags are not supported by the resource:
    Microsoft.KubernetesConfiguration/extensions
    Microsoft.KubernetesConfiguration/fluxConfigurations
    Microsoft.ManagedServices/registrationAssignments
    Microsoft.ManagedServices/registrationDefinitions
    Microsoft.Management/managementGroups
    Microsoft.OperationsManagement/solutions
    Microsoft.PolicyInsights/remediations
@fabmas fabmas mentioned this issue Feb 7, 2023
Closed
@fabmas fabmas added enhancement New feature or request [cat] modules category: modules labels Feb 7, 2023
@elanzel
Copy link
Contributor

elanzel commented Feb 10, 2023

Tags added in modules supporting tags

@fabmas fabmas mentioned this issue Mar 2, 2023
Merged
7 tasks
@BernieWhite BernieWhite mentioned this issue Apr 3, 2023
Closed
9 tasks
@BernieWhite
Copy link

We made some improvements to tagging exclusions Azure/PSRule.Rules.Azure#2129 in PSRule for Azure based on this issue that shipped with v1.26.1.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fabmas fabmas

@elbatane elbatane

@elanzel elanzel

Labels
[cat] modules category: modules enhancement New feature or request
Projects
Backlog
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Modules] PSRule - Fix Rule Azure.Resource.UseTags Azure/ResourceModules
4 participants
@BernieWhite @fabmas @elbatane @elanzel