如何在 Azure 策略中实施标记值模式?
How to enforce Tag value pattern in Azure policy?
我想为资源组所需的标签强制执行标签值模式“RJGVM-###”。
我设法让它成为必需的,但每当我输入任何值时它仍然通过。
{
"mode": "All",
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"not": {
"field": "[concat('tags[',parameters('tagName'), ']')]",
"exists": "true"
}
},
{
"value": "[resourceGroup().tags[parameters('tagName')]]",
"notMatch": "RJGVM-###"
}
]
},
"then": {
"effect": "deny"
}
},
"parameters": {
"tagName": {
"type": "String",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'environment'"
}
}
}
}
请参考下面提到的这个例子link以确保标签值匹配模式:
https://github.com/Azure/azure-policy/tree/master/samples/TextPatterns/enforce-tag-match-pattern
我想为资源组所需的标签强制执行标签值模式“RJGVM-###”。 我设法让它成为必需的,但每当我输入任何值时它仍然通过。
{
"mode": "All",
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"not": {
"field": "[concat('tags[',parameters('tagName'), ']')]",
"exists": "true"
}
},
{
"value": "[resourceGroup().tags[parameters('tagName')]]",
"notMatch": "RJGVM-###"
}
]
},
"then": {
"effect": "deny"
}
},
"parameters": {
"tagName": {
"type": "String",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'environment'"
}
}
}
}
请参考下面提到的这个例子link以确保标签值匹配模式:
https://github.com/Azure/azure-policy/tree/master/samples/TextPatterns/enforce-tag-match-pattern