|
# Run with tags-to-delete.csv execute |
|
|
|
|
|
# Example CSV |
|
# Tags |
|
# BU |
|
# BU responsable |
|
# BU Responsible |
|
# BU_responsible |
|
# BU_Responsible |
|
# businessunit |
|
# Businessunit |
|
# BusinessUnit |
|
# CO responsable |
|
# CO responsible |
|
# Co_Responsible |
|
# CO_responsible |
|
# Costcenter |
|
# CostCenter |
|
# costcenter |
|
# description |
|
# Description |
|
# IT responsable |
|
# IT Responsible |
|
# IT_responsible |
|
# IT_Responsible |
|
# landscape |
|
# Landscape |
|
# Recharge |
|
# stream |
|
# Stream |
|
|
|
az login |
|
$csv = Import-Csv $args[0] |
|
$arguments = $args |
|
az account list | ConvertFrom-Json | foreach { |
|
$subscription = $_ |
|
az account set -s $($subscription.id) |
|
|
|
$tagsToDelete = @() |
|
foreach ($row in $csv) { |
|
$tag = $row.tags |
|
$tagsToDelete += $tag |
|
} |
|
|
|
[array]$groups = $(az group list | ConvertFrom-Json) |
|
[array]$resources = $(az resource list | ConvertFrom-Json) |
|
$allItems = $groups + $resources |
|
$importance = "CanNotDelete", "ReadOnly" |
|
if ($allItems.length -gt 0) { |
|
$($allItems) | foreach { |
|
$resourceId = $_.id |
|
if ($_.tags -ne $null) { |
|
$newTagsCount = 0 |
|
$tagsReplacement = @{} |
|
$_.tags.psobject.properties | ForEach-Object { |
|
if (!$tagsToDelete.Contains($_.name)) { |
|
$tagsReplacement["$($_.name)"] = $($_.value) |
|
$newTagsCount++ |
|
} |
|
} |
|
if ( $newTagsCount -gt 0 -and $newTagsCount -ne $($_.tags.psobject.properties).length) { |
|
$azclicommand = "az tag update --operation Replace --tags ... --resource-id $($resourceId)" |
|
Write-Output $azclicommand |
|
if ("EXECUTE" -in $arguments -or "execute" -in $arguments) { |
|
$locks = az lock list --resource $resourceId | ConvertFrom-Json |
|
$locks = $locks | Sort-Object { $importance.IndexOf($_.level) } |
|
$locks | ForEach-Object { |
|
az lock delete --id "$($_.id)" |
|
} |
|
$content = @{ |
|
"operation" = "Replace"; |
|
"properties" = @{ |
|
"tags" = $($tagsReplacement) |
|
} |
|
} |
|
$bodyString = $content | ConvertTo-Json -Compress |
|
$bodyString = $bodyString -replace "`"", "\`"" -replace ":\\", ": \" |
|
az rest --method patch --headers "Content-Type=application/json" --uri "$resourceId/providers/Microsoft.Resources/tags/default?api-version=2019-10-01" --body $bodyString |
|
foreach ($lock in $locks) { |
|
az lock create --lock-type $lock.level --name $lock.name --resource $resourceId |
|
} |
|
} |
|
} |
|
elseif ($($_.tags.psobject.properties).length -gt 0 -and $newTagsCount -eq 0) { |
|
$azclicommand = "az tag delete --resource-id $resourceId --yes" |
|
Write-Output $azclicommand |
|
if ("EXECUTE" -in $arguments -or "execute" -in $arguments) { |
|
$locks = az lock list --resource $resourceId | ConvertFrom-Json |
|
$locks = $locks | Sort-Object { $importance.IndexOf($_.level) } |
|
$locks | ForEach-Object { |
|
az lock delete --id "$($_.id)" |
|
} |
|
$azclicommand | Invoke-Expression | Out-Null |
|
foreach ($lock in $locks) { |
|
az lock create --lock-type $lock.level --name $lock.name --resource $resourceId |
|
} |
|
} |
|
} |
|
elseif ($newTagsCount -gt 0 -and $newTagsCount -eq $($_.tags.psobject.properties).length) { |
|
Write-Output "No tags will be changed $resourceId" |
|
} |
|
else { |
|
Write-Output "No tags for $resourceId" |
|
} |
|
} |
|
} |
|
} |
|
} |
