Azure Tag policy require specific tag with specific values
Hello:
I am trying to create policy that would require a specific tag with only certain values (for example, tag deployment that can only be prod/non-prod) and having trouble to do it.
Can someone please help?
Looks like I can do a policy where I can choose during assignment (in parameters) what exact value I want to see (see json below), but I want to deny anything (deployment, adjustments and etc.) if the tag value not in my list…
{
“mode”: “Indexed”,
“policyRule”: {
“if”: {
“not”: {
“field”: “[concat(‘tags[‘, parameters(‘tagName’), ‘]’)]”,
“equals”: “[parameters(‘tagValue’)]”
}
},
“then”: {
“effect”: “deny”
}
},
“parameters”: {
“tagName”: {
“type”: “String”,
“metadata”: {
“displayName”: “Tag Name1”,
“description”: “Name of the tag, such as ‘environment'”
}
},
“tagValue”: {
“type”: “String”,
“metadata”: {
“displayName”: “Tag Value1”,
“description”: “Value of the tag, such as ‘production'”
},
“allowedValues”: [
“prod”,
“non-prod”
]
}
}
}
Thank you!
Hello: I am trying to create policy that would require a specific tag with only certain values (for example, tag deployment that can only be prod/non-prod) and having trouble to do it. Can someone please help? Looks like I can do a policy where I can choose during assignment (in parameters) what exact value I want to see (see json below), but I want to deny anything (deployment, adjustments and etc.) if the tag value not in my list… {“mode”: “Indexed”,”policyRule”: {“if”: {“not”: {“field”: “[concat(‘tags[‘, parameters(‘tagName’), ‘]’)]”,”equals”: “[parameters(‘tagValue’)]”}},”then”: {“effect”: “deny”}},”parameters”: {“tagName”: {“type”: “String”,”metadata”: {“displayName”: “Tag Name1″,”description”: “Name of the tag, such as ‘environment'”}},”tagValue”: {“type”: “String”,”metadata”: {“displayName”: “Tag Value1″,”description”: “Value of the tag, such as ‘production'”},”allowedValues”: [“prod”,”non-prod”]}}} Thank you! Read More