turbot/azure_tags

Control: Key vault deleted vaults should not exceed tag limit

Description

Check if the number of tags on Key vault deleted vaults do not exceed the limit.

Usage

Run the control in your terminal:

powerpipe control run azure_tags.control.key_vault_deleted_vault_tag_limit

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run azure_tags.control.key_vault_deleted_vault_tag_limit --share

Steampipe Tables

Params

ArgsNameDefaultDescriptionVariable
$1tag_limit
45

SQL

with analysis as (
select
id,
title,
cardinality(array(select jsonb_object_keys(tags))) as num_tag_keys,
_ctx,
tags,
resource_group,
subscription_id,
region
from
azure_key_vault_deleted_vault
)
select
id as resource,
case
when num_tag_keys > $1::integer then 'alarm'
else 'ok'
end as status,
title || ' has ' || num_tag_keys || ' tag(s).' as reason
, subscription_id as subscription_id
from
analysis;