2

I am trying to enforce Azure resource naming pattern for prod/dev/uat environments, the suggested pattern is [service name]-[environment]-[resource short name]. Is there a way to enforce this using Azure policy? It appears that Azure policy (Like/Match functions) does not support regex. Please suggest a workaround solution.

Note: The [service name], [environment], [resource short name] are of variable length.

Thanks.

4

1 回答 1

2

下面的代码块应该解决*-*-asp模式的要求。我还没有对此进行充分的测试,但对于任何希望通过策略强制执行命名约定的人,我希望这会有所帮助。此外,如果有比这里提供的更好的解决方案,也会很有趣。

Azure Policy Like/Match 不支持正则表达式,以下解决方案的复杂性仅突出了对此类系统的需求。如果您在 Azure 策略中看到正则表达式功能的相关性,我请求您投票,有一个用户的声音 - 链接在这里

{
    "if": {
        "allOf": [
            {
                "field": "type",
                "in": "[parameters('listOfResourceTypes')]"
            },
            {
                "not": {
                    "allOf": [
                        {
                            "value": "[equals(length(split(parameters('namePattern'), '-')), length(split(field('name'), '-')))]",
                            "equals": true
                        },
                        {
                            "value": "[equals(toLower(last(split(parameters('namePattern'), '-'))), toLower(last(split(field('name'), '-'))))]",
                            "equals": true
                        }
                    ]
                }
            }
        ]
    },
    "then": {
        "effect": "[parameters('policyEffect')]"
    }
}
于 2020-02-13T06:24:04.803 回答