I am trying to create a PowerShell script that will put a deletion lock on all Azure resources inside a specific resource group using:
PS C:\> $PSVersionTable.PSVersion
Major Minor Build Revision
----- ----- ----- --------
5 1 14393 1715
I can get the current resources in my resource group and format in a table as below
$resources=Get-AzureRmResource |Format-Table -property resourcename, resourcetype
And here is the output:
ResourceName ResourceType
------------ ------------
georgitestVM Microsoft.Compute/virtualMachines
georgitestvm39 Microsoft.Network/networkInterfaces
georgitestVM-nsg Microsoft.Network/networkSecurityGroups
georgitestVM-ip Microsoft.Network/publicIPAddresses
georgitest-vnet Microsoft.Network/virtualNetworks
dummyresourcegroup407 Microsoft.Storage/storageAccounts
storagedummyaccount Microsoft.Storage/storageAccounts
You can also find how the output looks in the attached screenshot CLICK HERE FOR SCREENSHOT)
Now I would like to create a lock for each of the 7 resources from the above table but am not sure how to figure out the syntax so that PowerShell can dynamically pipe the values from the table to the parameters of New-AzureRmResourceLock
cmdlet.
The dummy way to do these 7 locks without looping would be
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletegeorgitestVM `
-resourceName georgitestVM -ResourceType Microsoft.Compute/virtualMachines `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletegeorgitestvm39 `
-resourceName georgitestvm39 -ResourceType Microsoft.Network/networkInterfaces `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletegeorgitestVM-nsg `
-resourceName georgitestVM-nsg -ResourceType Microsoft.Network/networkSecurityGroups `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletegeorgitestVM-ip `
-resourceName georgitestVM-ip -ResourceType Microsoft.Network/publicIPAddresses `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletegeorgitest-vnet `
-resourceName georgitest-vnet -ResourceType Microsoft.Network/virtualNetworks `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletedummyresourcegroup407 `
-resourceName dummyresourcegroup407 -ResourceType Microsoft.Storage/storageAccounts `
-resourceGroupName dummyresourcegroup -force -verbose
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName YouWontDeletestoragedummyaccount `
-resourceName storagedummyaccount -ResourceType Microsoft.Storage/storageAccounts `
-resourceGroupName dummyresourcegroup -force -verbose
As can be seen, I am looking to fill the -LockName
parameter with the concatenated values of ("YouWontDelete"+$resourceName)
.
Respectively I am trying to populate the -resourcename
parameter with the resource name value from the table and finally the -resourcetype
parameter with the resource type value from the table from the start of my question.
Please recommend a possible syntax to achieve this (to create all the above 7 locks using a powershell foreach loop).
We can use this script to create lock to each resource in that resource group, here is the example:
$rg = 'jasonauto'
$resources = Get-AzureRmResource | ?{ $_.ResourceGroupName -eq 'jasonauto' } | select -expandpropert resourcename
foreach($resource in $resources){$ln = 'YouWontDelete' + $resource;
$resourcetype = (Get-AzureRmResource -ResourceGroupName 'jasonauto' -ResourceName $resource ).resourcetype;
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName $ln -resourceName $resource -ResourceType $resourcetype -resourceGroupName $rg -force -verbose}