Forum Discussion
Azure Policy require multiple tags with values
I have a policy that requires specific tag with specific values (json below), but I want to require more tags within the same policy also with specific value and not sure how to do it... Is there...
Try this:
{
"properties": {
"displayName": "Require tags environment and department with specific values on resources",
"policyType": "Custom",
"mode": "Indexed",
"description": "Enforces required tags environment and department with their values. Does not apply to resource groups.",
"metadata": {
"category": "Tags",
"createdBy": "",
"createdOn": "",
"updatedBy": "",
"updatedOn": ""
},
"version": "1.0.0",
"parameters": {
"tagName1": {
"type": "String",
"metadata": {
"displayName": "Tag Name1",
"description": "Name of the tag, such as 'environment'"
},
"allowedValues": [
"environment"
]
},
"tagValue1": {
"type": "Array",
"metadata": {
"displayName": "Tag Value1",
"description": "Value of the tag, such as 'prod' or 'non-prod'"
},
"allowedValues": [
"prod",
"non-prod"
]
},
"tagName2": {
"type": "String",
"metadata": {
"displayName": "Tag Name2",
"description": "Name of the tag, such as 'department'"
},
"allowedValues": [
"department"
]
},
"tagValue2": {
"type": "Array",
"metadata": {
"displayName": "Tag Value2",
"description": "Value of the tag, such as 'Infra' or 'Finance'"
},
"allowedValues": [
"Infra",
"Finance"
]
}
},
"policyRule": {
"if": {
"anyOf": [
{
"not": {
"field": "[concat('tags[', parameters('tagName1'), ']')]",
"in": "[parameters('tagValue1')]"
}
},
{
"not": {
"field": "[concat('tags[', parameters('tagName2'), ']')]",
"in": "[parameters('tagValue2')]"
}
}
]
},
"then": {
"effect": "deny"
}
},
"versions": [
"1.0.0"
]
}
}