我需要用于标记的 Azure Policy。我希望用户在创建资源组时需要定义一个标签。该策略还应检查 tagvaule 是否为空。
我尝试了以下方法:
{
"properties": {
"displayName": "Require a tag Billto and a value that is not empty",
"policyType": "Custom",
"mode": "All",
"description": "Enforces a required tag and its value on resource groups.",
"metadata": {
"category": "Tags",
},
"parameters": {
"tagName": {
"type": "String",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'Billto'"
}
},
"tagValue": {
"type": "String",
"metadata": {
"displayName": "Tag Value",
"description": "Value of the tag, such as 'Costcenter'"
}
}
},
"policyRule": {
"if": {
"allOf": [
{
"field": "type",
"equals": "Microsoft.Resources/subscriptions/resourceGroups"
},
{
"field": "[concat('tags[', parameters('tagName'), ']')]",
"exists": "false"
},
{
"value": "[concat('tags[', parameters('tagValue'), ']')]",
"equals": ""
}
]
},
"then": {
"effect": "deny"
}
}
}
有人可以帮助我并给我正确的代码吗?谢谢托马斯