Checks whether each resource inherits a specified tag from the resource group to which the resource belongs. If so, the evaluation result is Compliant.
Scenarios
This rule applies when you need to check whether a resource automatically inherits a specified tag of the resource group to which the resource belongs. This way, you can manage the resources of a resource group with high efficiency.
Risk level
Default risk level: high.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If each resource inherits a specified tag from the resource group to which the resource belongs, the evaluation result is Compliant.
- If a resource does not inherit a specified tag from the resource group to which the resource belongs, the evaluation result is Incompliant. For more information about how to remediate an incompliant configuration, see Incompliance remediation.
- This rule does not apply to resources that do not belong to a resource group, or scenarios in which a resource is added to a resource group to which no tag is attached.
Rule details
| Item | Description |
|---|---|
| Rule name | resources-inherit-tags-from-resource-group |
| Rule identifier | resources-inherit-tags-from-resource-group |
| Tag | ResourceGroup and Tag |
| Automatic remediation | Supported |
| Trigger type | Configuration change |
| Supported resource type | Resource types |
| Input parameter | inheritTagKeysNote Separate multiple values with commas (,).
|
Incompliance remediation
Create a custom tag and attach the tag to a resource. For more information, see Add a custom tag.