Forum Discussion
Problems with a tagging policy and moving Azure SQL Databases
We have a custom tagging policy that requires an ITSponsor tag on each Azure resource. A team has recently run into a problem moving an Azure SQL Database from one resource group to another. The error reported is:
code: ResourceMovePolicyValidationFailed
message: Resource 'master' was disallowed by policy.
policy name: Require ITSponsor tag on resources
Since the master (and tempdb) databases are not "visible" to the team in order to apply tags, this is a problem.
I've tried to update the condition of the policy as follows, but it is still preventing the move. Any suggestions as to what the problem is, that the policy is still applying to the master (and, I assume, tempdb) databases?
"if": {
"allOf": [
{
"field": "[concat('tags[', parameters('RequireITSponsorTagOnResourcesTagName'), ']')]",
"exists": "false"
},
{
"not": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Sql/servers/databases"
},
{
"anyOf": [
{
"field": "name",
"like": "*/master"
},
{
"field": "name",
"like": "*/tempdb"
}
]
}
]
}
}
]
}
1 Reply
- If I am not mistaken, the name of the databases are master & tempdb and not */master or */tempdb
Try using
{
"field": "name",
"equals": "master"
},
