In Microsoft Azure, you can assign Tags to Azure Resources to add additional metadata to them. This can be used to enhance the reporting of your Azure Resources so you can determine which Business Unit or Department in your organization is responsible for paying for the resources. Tags are also used to add any other additional metadata to the Azure Resources that may be needed.

There are several different Tags that could be added to Azure Resources that are useful for different purposes, such as Department, Business Unit, Cost Center, Environment, etc. It can also be useful to add a Tag (like source or other) when managing Azure Resources using Terraform to mark them visibly that they are created / managed using Terraform or just through automation in general.



Flag Azure Resources as Managed by Terraform using source Tag

It’s important to know which Azure Resources in an Azure Subscription are created / managed using Terraform, versus Azure Resources that may be managed manually or through other automation. A Tag such as one named source or automation with the value of terraform can be used to flag or indicate that the Azure Resource is managed by Terraform.

Below is an example of the Terraform code to create an Azure Resource Group with the Tag source assigned with the value of terraform:

resource "azurerm_resource_group" "main_rg" {
  name     = "E1-PROD-DataLake-rg"
  location = "East US"

  tags = {
    source = "terraform"
  }
}

These Azure Resource Tags can be viewed in the Azure Portal or through scripting tools such as the Azure CLI or PowerShell. The command-line tools, like Azure CLI, also enable the ability to list out all resources with a specific Tag.

Many of the Azure CLI commands support the --query argument that allows you to write a query to filter the list of resources returned by the commands. The Azure CLI az resource list command also support the --tag argument to be able to list out all Azure Resources with a specific Tag and value, as seen below:

az resource list --tag source=terraform

The Azure CLI is just one example. Just know that once the Tags are applied, it’s not just a one way operation. Filtering on Tags can be used to write scripts for reporting, filtering, and working with Azure Resources. In addition the the Resource name, the Tags can also be used as another set of metadata applied to the resources to help better manage those resources.


Local Variable to Add Same Tags to All Azure Resources

When adding Tags to Azure Resources using Terraform, it’s helpful to use a local variable to hold the default values for the Tags you want applied to Azure Resources so it can be easily reused across all the various resources managed within the Terraform project.

Below is an example local variable with some default Tags to apply to the many resources managed by the Terraform project:

locals {
  tags = {
    environment = "prod"
    department = "finance"
    source = "terraform"
  }
}

When you declare resource blocks to create / manage Azure Resources within the Terraform project you can reference the local.tags variable to reuse these default tags, and combine it with the merge() method to add any additional Tags needed on the individual resource.

Below is a couple examples of referencing the local.tags variable and using the merge() method to add some more to this individual resource:

resource "azurerm_resource_group" "main_rg" {
  name     = "E1-PROD-DataLake-rg"
  location = "East US"

  tags = merge(local.tags, {
    workload = "data lake"
  })
}

resource "azurerm_synapse_workspace" "datalake_syn" {
  name = "E1-PROD-DataLake-syn"
  resource_group_name = azurerm_resource_group.main_rg.name
  location = azurerm_resource_group.main_rg.location
  
  tags = merge(local.tags, {
    workload = "data lake"
  })
}

With the above code, the same default Tags from the local.tags variable are applied to all the Azure Resources created / managed by the Terraform project. If these default Tags ever need to be changed, then you can easily change them by updating the local.tags variable and re-running the Terraform Apply to apply those changes to the project.

Related: If you are looking for guidance on coming up with a naming convention for Azure resources, I encourage you to check out my “Azure Resource Naming Conventions and Best Practices” article.

Happy scripting!

Microsoft MVP

Chris Pietschmann is a Microsoft MVP (Azure & IoT) and HashiCorp Ambassador (2021) with 20+ years of experience designing and building Cloud & Enterprise systems. He has worked with companies of all sizes from startups to Fortune 100. He is also a Microsoft Certified Azure Solutions Architect and developer, a Microsoft Certified Trainer (MCT), and Cloud Advocate. He has a passion for technology and sharing what he learns with others to help enable them to learn faster and be more productive.