Benchmark: Untagged
Description
Untagged resources are difficult to monitor and should be identified and remediated.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-tagsStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Untagged.
Run this benchmark in your terminal:
powerpipe benchmark run azure_tags.benchmark.untaggedSnapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_tags.benchmark.untagged --shareControls
- API Management services should be tagged
- App Service environments should be tagged
- App Service function apps should be tagged
- App Service plans should be tagged
- App Service web apps should be tagged
- Application security groups should be tagged
- Batch accounts should be tagged
- Compute availability sets should be tagged
- Compute disk encryption sets should be tagged
- Compute disks should be tagged
- Compute images should be tagged
- Compute snapshots should be tagged
- Compute virtual machine scale sets should be tagged
- Compute virtual machines should be tagged
- Container registries should be tagged
- CosmosDB accounts should be tagged
- CosmosDB mongo databases should be tagged
- CosmosDB sql databases should be tagged
- Data factories should be tagged
- Data lake analytics accounts should be tagged
- Data lake stores should be tagged
- Event Hub namespaces should be tagged
- ExpressRoute circuits should be tagged
- Firewalls should be tagged
- IoT Hubs should be tagged
- Key vault deleted vaults should be tagged
- Key vault keys should be tagged
- Key vault managed hardware security modules should be tagged
- Key vault secrets should be tagged
- Key vaults should be tagged
- Kubernetes clusters should be tagged
- Load balancers should be tagged
- Log alerts should be tagged
- Log profiles should be tagged
- Logic app workflows should be tagged
- MariaDB servers should be tagged
- Microsoft SQL elasticpools should be tagged
- Microsoft SQL managed instances should be tagged
- MySQL servers should be tagged
- Network interfaces should be tagged
- Network security groups should be tagged
- Network watcher flow logs should be tagged
- Network watchers should be tagged
- PostgreSQL servers should be tagged
- Public IPs should be tagged
- Recovery services vaults should be tagged
- Redis caches should be tagged
- Resource groups should be tagged
- Route tables should be tagged
- Search services should be tagged
- Service Bus namespaces should be tagged
- SQL databases should be tagged
- SQL servers should be tagged
- Storage accounts should be tagged
- Stream Analytics jobs should be tagged
- Virtual network gateways should be tagged
- Virtual networks should be tagged