Private/Runbooks/Delete-TaggedResource.Runbook.ps1
<#
.Synopsis This Azure Automation runbook removes resources with $deleteTag tag set to today. .Description Completes the following: * Connects to Azure AD with a Service Principal and Connect-AzAccount. * Removes all the resources with $deleteTag tag matching today's date. * Removes resource groups with $deleteTag tag matching today's date. #> # Write-Output is used instead of Write-Verbose for logging on Automation account console. $ErrorActionPreference = "Stop" # Get the Service Principal connection details for the Connection name $servicePrincipalConnection = Get-AutomationConnection -Name "AzureRunAsConnection" # Logging in to Azure AD with Service Principal Write-Output "Logging in to Azure AD..." Connect-AzAccount -TenantId $servicePrincipalConnection.TenantId ` -ApplicationId $servicePrincipalConnection.ApplicationId ` -CertificateThumbprint $servicePrincipalConnection.CertificateThumbprint $deleteTag = "cm-delete" Write-Output "Checking for resource groups to be deleted.." $resourceGroupstoDelete = Get-CmAzService -ServiceKey $deleteTag -Service $(Get-date -Format "dd/MM/yyyy") -IsResourceGroup if ($resourceGroupstoDelete) { Write-Output "Below resource groups will be deleted.." $resourceGroupstoDelete | Write-Output $resourceGroupstoDelete | ForEach-Object { Write-Output "Removing resource group $($_.ResourceGroupName)" Remove-AzResourceGroup -Id $_.ResourceId -Force > $null } } else { Write-Output "No resource group tagged for deletion" } Write-Output "Checking for resources to be deleted.." $resourcestoDelete = Get-CmAzService -ServiceKey $deleteTag -Service $(Get-date -Format "dd/MM/yyyy") if ($resourcestoDelete) { Write-Output "Below resources will be deleted.." $resourcestoDelete | Write-Output $resourcestoDelete | ForEach-Object { Write-Output "Removing resource : $($_.Name)" Remove-AzResource -ResourceId $_.resourceId -Force > $null } } else { Write-Output "No specific resources tagged for deletion" } |