azure-policy
1 Topic
Checking that old and new ressources are configured with a tag with specific case
Hello Azure community! I'm configuring an Azure Policy to check presence of a tag on new and old ressources. Checking the presence only was quite easy: policy_rule = <<RULE { "if": { "allOf": [ { "field": "type", "equals": "Microsoft.Resources/subscriptions/resourceGroups" }, { "field": "[concat('tags[', parameters('TagName'), ']')]", "exists": "false" } ] }, "then": { "effect": "[parameters('effect')]" } } RULE With following parameters: parameters = <<PARAMETERS { "tagName": { "type": "String", "metadata": { "displayName": "Tag Name", "description": "Name of the tag, such as 'environment'" } }, "effect": { "type": "String", "defaultValue": "Audit", "allowedValues": [ "Audit", "Deny", "Disabled" ], "metadata": { "displayName": "Effect", "description": "The effect determines what happens when the policy rule is evaluated to match" } } } PARAMETERS But now I want that the policy rule also checks the case of the tagName parameters. Ex: guess expected tagName is `RigorousMakeMeHappy`. Then, I want that ressources be configured with `RigorousMakeMeHappy` but not with `rigorousmakemehappy` or `rigorousMakeMeHappy` or `RIGOROUSMAKEMEHAPPY` etc. And I struggled two days w/o success. I tried, among others things, the following: policy_rule = <<RULE { "if": { "anyOf": [ { "field": "tags", "match": "[parameters('tagName')]" } ] }, "then": { "effect": "[parameters('effect')]" } } RULE I tried to achieve with following documentations: - https://learn.microsoft.com/en-us/azure/governance/policy/samples/pattern-fields - https://stackoverflow.com/questions/59653416/multiple-name-pattern-and-parameter-definition - https://learn.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure Thanks for your precious help !Solved679Views0likes1Comment