Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tags created via Policy are removed for some resources when deploying a bicep file without tags specified #16042

Open
JonasCordsen opened this issue Jan 7, 2025 · 0 comments
Open

Tags created via Policy are removed for some resources when deploying a bicep file without tags specified #16042

JonasCordsen opened this issue Jan 7, 2025 · 0 comments
Labels
Needs: Triage 🔍

Comments

@JonasCordsen
Copy link

Bicep version
Bicep CLI version 0.32.4 (b326faa)

Describe the bug
When deploying some resources to azure, where Tags are not specified, it will remove all tags created via policy from the resources al ready pressent in that resource.

Following resources have been seen to have the issue:
Microsoft.App/jobs
Microsoft.App/managedEnvironments
Microsoft.AutoManage/configurationProfiles
Microsoft.ResourceGraph/queries

Resources where this works as expected, that is if the tags are not specified in the resource, existing tags are not removed
Microsoft.Network/virtualNetworks

To Reproduce
Create a Microsoft.AutoManage/configurationProfiles, add tags via portal

The following can be used

param location string
param AutoManageName string

resource AutoManage 'Microsoft.AutoManage/configurationProfiles@2022-05-04' = {
  location: location
  name: AutoManageName
  properties: {
    configuration: {
      'Antimalware/Enable': true
      'Backup/Enable': false
      'WindowsAdminCenter/Enable': false
      'VMInsights/Enable': false
      'DefenderForCloud/Enable': true
      'UpdateManagement/Enable': false
      'ChangeTrackingAndInventory/Enable': false
      'GuestConfiguration/Enable': true
      'AutomationAccount/Enable': false
      'LogAnalytics/Enable': false
      'BootDiagnostics/Enable': true
    }
  }
}

Additional context

A work around can be done, by setting tags in the bicep code to a tag, or just an empty object, this will leave the policy created tags in place
Following does not cause the issue

param location string
param AutoManageName string

resource AutoManage 'Microsoft.AutoManage/configurationProfiles@2022-05-04' = {
  location: location
  name: AutoManageName
  properties: {
    configuration: {
      'Antimalware/Enable': true
      'Backup/Enable': false
      'WindowsAdminCenter/Enable': false
      'VMInsights/Enable': false
      'DefenderForCloud/Enable': true
      'UpdateManagement/Enable': false
      'ChangeTrackingAndInventory/Enable': false
      'GuestConfiguration/Enable': true
      'AutomationAccount/Enable': false
      'LogAnalytics/Enable': false
      'BootDiagnostics/Enable': true
    }
  }
  tags: {}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Needs: Triage 🔍
Projects
Bicep
Status: Todo
Milestone
No milestone
Development

No branches or pull requests
1 participant
@JonasCordsen