我正在尝试创建一个自定义策略,该策略将根据标签值拒绝。标签是“ external VM
”。然后,该策略允许部署一组已批准的扩展。但是,当我尝试使用"tag.external vm"
它添加标签时,会出现错误,这与本文末尾的相同(The value of 'field' property 'Tag' of the policy rule must be one of 'Name, Type, Location, Tags, Kind, FullName, Identity.type' or an alias, e.g.
)。
{
"mode": "All",
"policyRule": {
"if": {
"allOf": [
{
"field": "tag.External VM",
"equals": "Third Party"
},
{
"field": "Microsoft.Compute/virtualMachines/extensions/publisher",
"equals": "Microsoft.Compute"
},
{
"field": "Microsoft.Compute/virtualMachines/extensions/type",
"notin": "[parameters('AllowedExtensions')]"
}
]
},
"then": {
"effect": "deny"
}
},
"parameters": {
"AllowedExtensions": {
"type": "Array",
"metadata": {
"displayName": "AllowedExtensions",
"description": "Allowed VM Extensions"
}
}
}
}
参数文件是
{
"AllowedExtensions": {
"type": "Array",
"metadata": {
"description": "The list of extensions that will be Allowed.",
"strongType": "type",
"displayName": "Allowed extension"
}
},
"tagName": {
"type": "String",
"metadata": {
"description": "The Referenced Tag Name.",
"displayName": "Tag to Query"
}
}
}
有没有办法用其中的空格分配标签名称。还有其他选择是用“”重新标记它external-vm
或参数化标记名,例如
{
"field": "[parameters('tagName')]",
"equals": "Third Party"
},
但这给了我错误
The value of 'field' property 'Tag' of the policy rule must be one of 'Name, Type, Location, Tags, Kind, FullName, Identity.type' or an alias, e.g.
任何想法?
提前致谢。