
Azure Policy to add multiple tag names and tag values


Need to create an Azure Policy that would add multiple tag names and tag values.

Need to assign a policy in Azure, where the resources are to be deployed only using the specified tag names and values.

{
   "properties": {
      "displayName": "Enforce tag and its value",
      "policyType": "BuiltIn",
      "description": "Enforces a required tag and its value.",
      "parameters": {
         "tagName": {
            "type": "String",
            "metadata": {
               "description": "Name of the tag, such as costCenter"
            }
         },
         "tagValue": {
            "type": "String",
            "metadata": {
               "description": "Value of the tag, such as headquarter"
            }
         }
      },
      "policyRule": {
         "if": {
            "not": {
               "field": "[concat('tags[', parameters('tagName'), ']')]",
               "equals": "[parameters('tagValue')]"
            }
         },
         "then": {
            "effect": "deny"
         }
      }
   },
   "id": "/providers/Microsoft.Authorization/policyDefinitions/1e30110a-5ceb-460c-a204-c1c3969c6d62",
   "type": "Microsoft.Authorization/policyDefinitions",
   "name": "1e30110a-5ceb-460c-a204-c1c3969c6d62"
}

The code describes how to add tag name and value for a single tag. Need to add more than one tag value and tag name.


Solution

  • How about something like this:

    "if": {
        "not": {
            "allOf": [
                {
                    "field": "[concat('tags[', parameters('tagName1'), ']')]",
                    "equals": "[parameters('tagValue1')]"
                },
                {
                    "field": "[concat('tags[', parameters('tagName2'), ']')]",
                    "equals": "[parameters('tagValue2')]"
                }
            ]
        }
    },
    "then": {
        "effect": "deny"
    }

    and you'd need 2 additional parameters as well.
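
A simplified local model of how this rule evaluates, as an added example that is not part of the original answer and is not Azure's policy engine: it resolves only the two template expressions used above and shows that `not` around `allOf` denies a resource when any one required tag is missing or has the wrong value. The parameter values and sample resources are constructed for illustration.

```python
import re

# The answer's rule, with "then" placed beside "if" as policyRule requires.
POLICY_RULE = {
    "if": {"not": {"allOf": [
        {"field": "[concat('tags[', parameters('tagName1'), ']')]",
         "equals": "[parameters('tagValue1')]"},
        {"field": "[concat('tags[', parameters('tagName2'), ']')]",
         "equals": "[parameters('tagValue2')]"},
    ]}},
    "then": {"effect": "deny"},
}

def resolve(expr, params):
    """Resolve only the two template expression shapes used on this page."""
    m = re.fullmatch(r"\[concat\('tags\[', parameters\('(\w+)'\), '\]'\)\]", expr)
    if m:
        return f"tags[{params[m.group(1)]}]"
    m = re.fullmatch(r"\[parameters\('(\w+)'\)\]", expr)
    return params[m.group(1)] if m else expr

def matches(cond, resource, params):
    """Evaluate not / allOf / field+equals against a resource dict."""
    if "not" in cond:
        return not matches(cond["not"], resource, params)
    if "allOf" in cond:
        return all(matches(c, resource, params) for c in cond["allOf"])
    tag = re.fullmatch(r"tags\[(.+)\]", resolve(cond["field"], params)).group(1)
    # Tag names are case-insensitive in Azure, so compare keys in lower case.
    tags = {k.lower(): v for k, v in resource.get("tags", {}).items()}
    actual = tags.get(tag.lower())  # a missing tag never equals the value
    expected = resolve(cond["equals"], params)
    # Azure Policy's "equals" compares strings case-insensitively.
    return actual is not None and actual.lower() == expected.lower()

def effect(resource, params, rule=POLICY_RULE):
    """Return the rule's effect if the 'if' condition matches, else None."""
    return rule["then"]["effect"] if matches(rule["if"], resource, params) else None

# Constructed assignment parameters and resources (not from the original page).
PARAMS = {"tagName1": "costCenter", "tagValue1": "headquarter",
          "tagName2": "environment", "tagValue2": "production"}
COMPLIANT = {"tags": {"costCenter": "headquarter", "environment": "production"}}
ONE_WRONG = {"tags": {"costCenter": "headquarter", "environment": "dev"}}
ONE_MISSING = {"tags": {"environment": "production"}}

if __name__ == "__main__":
    for name, res in [("compliant", COMPLIANT), ("one wrong", ONE_WRONG),
                      ("one missing", ONE_MISSING)]:
        print(name, "->", effect(res, PARAMS) or "allowed")
```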