Azure Policy - Auto shutdown your virtual machines

[github-actions[bot]]

This issue was automatically created by the GitHub Action workflow

[usnoozeyulosey]

Hello Wilfried, I am pulling this apart to understand this a little better (as I am very knew to Azure policies and Json). I have a few questions, first namely, when you call PolicyRule "If" and than "then" you detail the schedule. When you write this schedule, why do you need to outline the "field" and then on the line below detail the "field" again but as an "equals"?

Second question I have is around "resources" section on line 114. On line 121-123 you write the parameters, as an example , "[parameters('timezone')]", When I lookup "Microsoft.DevTestLab/schedules" I see that the "scheduleProperties" detail a "timeZoneId". Should this be referenced in your or is it fine to just have it as "timeZone" as you have it on line 122?

Thank you :)

[Fakri09]

Hello wilfriedwoivre,

Thanks for the ARM Code for Azure Policy, I am new to Azure Policy and very interested in doing the same as you.

I got your JSON and copied it to a new creation of an Azure Policy definition, assigned it in my subscription.

Then I will need you to tell me where can I define the time to turn off the VMs and also the recurrence of this, because for my part, I need my already existing VMs as well as the VMs that I create must turn off at most within 48 hours ideally or every evening, because we have a test tenant and it happens that sometimes we forget to turn them off, and the cost becomes enormous when they remain open for a full month so that we worked only 1 afternoon.

And can you tell me if I should tag just the name or the name and the value on each VM? so that I understand correctly, for example:

• do I have to enter as tag "name: AutoShutdown-TimeZone value: (empty)"

• or do I enter as tag " name: AutoShutdown value: TimeZone"

Thank you for your time. Fakri.

[wilfriedwoivre]

Hello,

Thanks for the comments.

This policy is very old, i don't test it recently, i wrote it for a previous company.

For @usnoozeyulosey, i check the field again to validate if it the same during the assignement of my policy. In my use case i assign it automatically during provisionning process. And yes the timezone is corresponding of mine

For @Fakri09 , Yes finops is the purpose of these policy, you need to add the tags for each VMs, but, as i indicate in the end of the post, you can create a policy to automatically add the tags on each VMs in your tenant. Morever, i think you can leverage on new functions on ARM template with date manipulation

[Fakri09]

Thank you for your reply.

So for me it didn't work. I put the tags on the vm, the timezone and the time of the extinction of the vm, I get these errors:

Compliance state Non-compliant Last evaluated 11/08/2023 06:41:09 Definition version

Reason for non-compliance No related resources match the effect details in the policy definition. Existence condition Type Microsoft.DevTestLab/schedules

Reason for non-compliance Current value must be equal to the target value. Field tags.AutoShutdown-Enabled Current value

Target value "Enabled"

For the strategy code, I took exactly the same as yours on this site, I didn't change anything.

Can you help me tell me what's wrong?

FYI, my VM is not part of a DevTest Lab but I want it to turn off via your policy and tags.

THANKS.