0

I am writing one script to exclude all SKUs otherthan recommended in policy for that i have written script where it looks all skus and add to policy waiver list if that sku not the file i am fetching, but when i doing PScustomobject its displaying duplicate ones, Anyhelp here is much appreciated

    $exclusionsVM1 = @()
    $skus = Get-Content ".\Dseries.txt"
    
    $subs = Get-AzSubscription 
    
    
    foreach ($sub in $subs) {
        Set-AzContext -SubscriptionId $sub.Id  -WarningAction Ignore | Out-Null
        $vm = Get-AzVm
        foreach ($v in $vm) {
            if (($v.hardwareprofile.VmSize -match "Standard_D") -and ($v.hardwareprofile.VmSize -notin $skus)) {
                $WaiverlistVM1 = [PSCustomObject]@{
                    VMname = $vm.Name
                    scope  = $vm.Id 
                }    | ConvertTo-Json
$exclusionsVM1 += $WaiverlistVM1            
}
        }
    }
    $exclusionsVM | Out-File ".\D_waiverlistVM.txt"
    $exclusionsVM.count
    
    foreach ($exclusionVM in $exclusionsVM) {
        try {
            New-AzPolicyExemption -Name $exclusionVM.VMname -PolicyAssignment $Policy -Scope $exclusionVM.scope -ExemptionCategory Waiver
        }
        catch {
            Write-Host "Error while adding VM '$exclusionVM.VMname' to the exclusions" -ForegroundColor Red
        }
    }
Improve this question
5
  • Having problem at $exclusionsVM1 += $WaiverlistVM1 getting duplicate values Commented Jun 24, 2024 at 6:52
  • Get-AzVm is working fine, though if i am fetching from single subscription getting duplicate values in $exclusionsVM1 Commented Jun 24, 2024 at 8:00
  • 2
    You’re using $v as the iteration variable in foreach( $v in $vm ) but then inside the pscustomobject constructor you’re using $vm as the property value in, e.g. VMname = $vm.Name - is that the cause of your “duplicates”? Commented Jun 24, 2024 at 8:24
  • Thanks for your finding @marsze, it solved the issue Commented Jun 24, 2024 at 9:51
  • I had so many tasks that could be coded as a foreach loop driven by an array of PScustomobject that I wrote a generic tool to processes that class of problem. It's a very simple template engine. It's available at github.com/dcressey/Expand-Csv Commented Jun 24, 2024 at 10:34

1 Answer 1

Reset to default
0

I do agree with mclayton that since you are using foreach ($v in $vms), you should use $v to store VMname and scope.

Here is the updated script to create exceptions in Azure Policy.

    # Load SKUs from Dseries.txt
    $skus = Get-Content ".\Dseries.txt"
    $Assignment = Get-AzPolicyAssignment
    
    # Initialize array for VM exclusions
    $exclusionsVM1 = @()
    
    # Get Azure subscriptions
    $subs = Get-AzSubscription
    
    foreach ($sub in $subs) {
        # Set Azure context to current subscription
        Set-AzContext -SubscriptionId $sub.Id -WarningAction Ignore | Out-Null
        $vms = Get-AzVM
        
        foreach ($vs in $vms) {
            # Check if VM size matches "Standard_B2ms" or "Standard_B1s" and is not in $skus
            if ($vm.HardwareProfile.VmSize -eq "Standard_B2ms") {
                # Create custom object for waiver list
                $WaiverlistVM1 = [PSCustomObject]@{
                    VMname = $v.Name
                    Scope  = $v.Id 
                }
                
                # Add object to $exclusionsVM1 array
                $exclusionsVM1 += $WaiverlistVM1
            }
        }
    }
    
    # Output $exclusionsVM1 to JSON file
    $exclusionsVM1 | ConvertTo-Json | Out-File ".\D_waiverlistVM.txt"
    
    
    
    # Apply policy exemptions for each VM in $exclusionsVM1
    foreach ($exclusionVM in $exclusionsVM1) {
        try {
            New-AzPolicyExemption -Name $exclusionVM.VMname -PolicyAssignment $Assignment -Scope $exclusionVM.Scope -ExemptionCategory "Waiver"
        }
        catch {
            Write-Host "Error while adding VM '$($exclusionVM.VMname)' to the exclusions" -ForegroundColor Red
        }
    }

Output:

enter image description here

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.