Testing for Governance Tags on Azure Resources
  • Updated on 20 May 2020
  • 1 minute to read
  • Contributors
  • Print
  • Comments
  • Share
  • Dark
    Light

Testing for Governance Tags on Azure Resources

  • Print
  • Comments
  • Share
  • Dark
    Light

Now that I have my testing with Pester up and running to be able to test the basics, I wanted to see if I could now add some tests to cover the Governance tags I wanted to add to resources as I discussed in a previous article.
https://www.integration-playbook.io/docs/process-for-managing-tags

I would now add a test to my Pester tests which would query all of the Azure resources and go and check that the tags existed and if they had valid values. I would loop over the resources and add tests for each thing to check.

The below tests can check if the environment tag exists and if it has a valid value.

 It "Environment Tag - $($resource.Name) has an environment tag" {
                      
    $resource.Tags.ContainsKey('environment') | Should Be $true           
}

It "Environment Tag - $($resource.Name) has a valid environment tag" {
    foreach($tag in $resource.Tags){
        if($tag.Key -eq 'environment'){
            $tag.Value | Should -Match -RegularExpression 'Dev|Test|Prod'
        }
    }                                      
}

I would repeat similar tests for the other tags.

Full Script

The script to do this is below.


$resources = Get-AzResource -ResourceGroupName $resourcegroup

Describe 'Azure Resources'{
    foreach ($resource in $resources) {
        
        Context "$($resource.Name)"{

            It "$($resource.Name) has a name" {
                $resource.Name | Should Not Be ''            
            }

            It "Environment Tag - $($resource.Name) has an environment tag" {
                      
                $resource.Tags.ContainsKey('environment') | Should Be $true           
            }

            It "Environment Tag - $($resource.Name) has a valid environment tag" {
                foreach($tag in $resource.Tags){
                    if($tag.Key -eq 'environment'){
                        $tag.Value | Should -Match -RegularExpression 'Dev|Test|Prod'
                    }
                }                                      
            }

            It "Project Name Tag - $($resource.Name) has a Project Name tag" {                        
                $resource.Tags.ContainsKey('Project Name') | Should Be $true           
            }

            It "Cost Centre Tag - $($resource.Name) has a Cost Centre tag" {                        
                $resource.Tags.ContainsKey('Cost Centre') | Should Be $true           
            }          

            It "managedBy Tag - $($resource.Name) has a managed by tag" {                        
                $resource.Tags.ContainsKey('managedBy') | Should Be $true           
            }

            It "managedBy Tag - $($resource.Name) has a valid managedBy tag" {
                foreach($tag in $resource.Tags){
                    if($tag.Key -eq 'managedBy'){
                        $tag.Value | Should -Match -RegularExpression 'azuresupport@acme.com'
                    }
                }                                      
            } 

            It "Documentation Link Tag - $($resource.Name) has a documentationLink tag" {                        
                $resource.Tags.ContainsKey('documentationLink') | Should Be $true           
            }
        }       
    }
}

Was this article helpful?