powershell, azure-management-groups

Powershell script to move the Azure Subscriptions from Tenant Root Group to Specified Management Group


The script I have created identifies subscriptions by their quota ID and moves every subscription with that quota ID to the specified management group.


# Sign in interactively; every cmdlet below runs with this account's permissions.
Connect-AzAccount
# Management group that matching subscriptions are moved into.
$targetManagementGroupId = "Target Management Group"
# Every subscription visible to the signed-in account, regardless of which
# management group it currently sits under.
$subscriptions = Get-AzSubscription
foreach ($subscription in $subscriptions) {
# Re-read the subscription and keep only its ExtendedProperties, which is where
# this script looks up the quota ID.
$subscriptionDetails = Get-AzSubscription -SubscriptionId $subscription.Id | Select-Object -ExpandProperty ExtendedProperties
# The 'SubscriptionPolices' value is parsed as JSON and its quotaId field extracted.
# NOTE(review): the key is spelled 'SubscriptionPolices' here; confirm that this
# matches the Az.Accounts version in use.
$quotaid = $subscriptionDetails.SubscriptionPolices | ConvertFrom-Json | Select-Object -ExpandProperty quotaId
# Intended filter: MSDN quota ID and not already in the target management group.
# ($quotaId and $quotaid are the same variable; PowerShell names are case-insensitive.)
# NOTE(review): nothing in this script sets a ManagementGroupId on $subscription, and
# Get-AzSubscription output does not appear to expose one - confirm. If it is $null,
# the -ne comparison is always true, so every MSDN subscription is moved whatever its
# current parent group, including ones deliberately placed under another group.
    if ($quotaId -eq "MSDN_2014-09-01" -and $subscription.ManagementGroupId -ne $targetManagementGroupId) {
        try {
# Re-parent the subscription. This changes the Azure Policy and RBAC assignments
# the subscription inherits from its management group.
# NOTE(review): catch only sees terminating errors; without -ErrorAction Stop a
# failed move may not reach the catch block, and the success message would still
# print - confirm.
            New-AzManagementGroupSubscription -GroupId $targetManagementGroupId -SubscriptionId $subscription.Id
            Write-Host "Subscription '$($subscription.Name)' has been moved to the management group '$targetManagementGroupId'."
        } catch {
            Write-Error "Error processing subscription '$($subscription.Name)': $($_.Exception.Message)"
       }
    } else {
        Write-Host "Subscription '$($subscription.Name)' is either not an MSDN subscription or is already in the target management group."
    }
}

I want the script to move only those subscriptions that sit directly under the Tenant Root Group and have the exact quota ID, and to leave alone any subscriptions that are already in other management groups.


Solution

  • I have figured it out: I add a tag to each subscription based on its quota ID, and then move it to the target management group.

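    # Moves MSDN-quota subscriptions that sit directly under the Tenant Root Group
    # into the target management group and tags each one once the move has succeeded.
    #
    # Connect to Azure with the system-assigned managed identity.
    # NOTE(review): this identity needs permission to move subscriptions between
    # management groups and to write tags on them; grant only that and review who
    # can run code as this identity, since a move changes inherited policy and RBAC.
    Connect-AzAccount -Identity

    # Specify the target management group where the subscription needs to be moved
    $targetManagementGroup = "TargetMG"

    # Tag that marks a subscription as already migrated
    $tagToCheck = "MSDN_Migration"

    # Specify the required quota ID
    $requiredQuotaId = "MSDN_2014-09-01"

    # The Tenant Root Group's ID is the tenant ID, so the current context's tenant
    # identifies the only group subscriptions may be moved out of.
    $rootManagementGroup = (Get-AzContext).Tenant.Id

    # Get all subscriptions
    $subscriptions = Get-AzSubscription

    foreach ($subscription in $subscriptions)
    {
        $subscriptionResourceId = "/subscriptions/$($subscription.Id)"

        # Get the quota ID for the current subscription
        $subscriptionDetails = Get-AzSubscription -SubscriptionId $subscription.Id | Select-Object -ExpandProperty ExtendedProperties
        $currentQuotaId = $subscriptionDetails.SubscriptionPolices | ConvertFrom-Json | Select-Object -ExpandProperty quotaId

        # Check if the subscription has the required quota ID
        if ($currentQuotaId -eq $requiredQuotaId)
        {
            # Get tags for the subscription. A failed read is treated as "no tag";
            # the management group checks below still gate the move.
            $subscriptionTags = (Get-AzTag -ResourceId $subscriptionResourceId -ErrorAction SilentlyContinue).Tags

            # Check if the tag exists and matches the value
            if ($subscriptionTags -and $subscriptionTags.ContainsKey($tagToCheck) -and $subscriptionTags[$tagToCheck] -eq "Yes")
            {
                Write-Output "Skipping subscription '$($subscription.Name)' as it already has the tag '$tagToCheck' with the value 'Yes'."
            }
            else
            {
                # Move the subscription to the target management group if it's not already there
                $subscriptionInTargetMg = Get-AzManagementGroupSubscription -GroupName $targetManagementGroup -SubscriptionId $subscription.Id -ErrorAction SilentlyContinue

                if ($subscriptionInTargetMg)
                {
                    Write-Output "Subscription '$($subscription.Name)' is already part of the target management group '$targetManagementGroup'."
                }
                else
                {
                    # Only subscriptions still parked under the Tenant Root Group are moved;
                    # one that was placed under another group keeps that group's policy and
                    # RBAC inheritance. A failed lookup (including missing read access on the
                    # root group) yields $null, so the subscription is skipped, not moved.
                    # NOTE(review): verify in your tenant that this lookup matches direct
                    # children of the root group only.
                    $subscriptionInRootMg = Get-AzManagementGroupSubscription -GroupName $rootManagementGroup -SubscriptionId $subscription.Id -ErrorAction SilentlyContinue

                    if (-not $subscriptionInRootMg)
                    {
                        Write-Output "Skipping subscription '$($subscription.Name)' as it is not directly under the Tenant Root Group."
                        continue
                    }

                    try
                    {
                        # -ErrorAction Stop turns a failed move into a terminating error so
                        # the subscription is never reported or tagged as migrated by mistake.
                        New-AzManagementGroupSubscription -GroupName $targetManagementGroup -SubscriptionId $subscription.Id -ErrorAction Stop
                        Write-Output "Moved subscription '$($subscription.Name)' to management group '$targetManagementGroup'."
                    }
                    catch
                    {
                        Write-Error "Failed to move subscription '$($subscription.Name)' to management group '$targetManagementGroup': $($_.Exception.Message)"
                        continue
                    }
                }

                # Tag only after the subscription is confirmed to be in the target group.
                # Tagging first would make a failed move look finished, and every later
                # run would then skip the subscription.
                try
                {
                    $newTag = @{ $tagToCheck = "Yes" }
                    Update-AzTag -Tag $newTag -ResourceId $subscriptionResourceId -Operation Merge -ErrorAction Stop
                    Write-Output "Added tag '$tagToCheck' to subscription '$($subscription.Name)'."
                }
                catch
                {
                    Write-Error "Failed to add tag '$tagToCheck' to subscription '$($subscription.Name)': $($_.Exception.Message)"
                }
            }
        }
        else
        {
            Write-Output "Skipping subscription '$($subscription.Name)' as it does not have the required quota ID '$requiredQuotaId'."
        }
    }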