0

错误:在“订阅 ABCXXX”中编辑策略定义“在标签及其值上强制小写或大写”失败。无法验证与策略定义“”关联的策略分配“”中的函数或参数。请修复策略或删除策略分配以取消阻止。如果使用模板函数,请尝试遵循以下提示:https ://aka.ms/policy-avoiding-template-failures 。内部异常'无法评估模板语言函数'json'。提供的参数不是有效的 JSON 字符串。

"parameters": {
  "toLowerOrToUpper": {
    "type": "String",
    "metadata": {
      "displayName": "Enforce Lowercase or Uppercase",
      "description": "If set to Lowercase then the Policy will convert all tags on existing and new resources to lowercase. Uppercase will convert them to uppercase."
    },
    "allowedValues": [
      "Lowercase",
      "Uppercase"
    ]
  }
},
"policyRule": {
  "if": {
    "allOf": [
      {
        "field": "type",
        "equals": "Microsoft.Resources/subscriptions/resourceGroups"

      }
    ]
  },
  "then": {
    "effect": "modify",
      "operations": [
        {
          "operation": "addOrReplace",
          "field": "tags",
          "value": "[json(if(equals(parameters('toLowerOrToUpper'), 'Lowercase'), toLower(string(field('tags'))),toUpper(string(field('tags')))))]"
        }
      ]
    }
  }
}
4

1 回答 1

0

我不知道如何让它完全正常工作,但在“then”块中,我认为你应该有“effect”和“details”,其中包含“operations”和“roleDefinitionIds”。

这是一个示例(根据您的需要进行修改):

"then": {
    "effect": "modify",
    "details": {
        "roleDefinitionIds": [
            "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
        ],
        "operations": [{
            "operation": "add",
            "field": "[concat('tags[', parameters('tagName'), ']')]",
            "value": "[parameters('tagValue')]"
        }]
    }
}

来源: https ://docs.microsoft.com/en-us/azure/governance/policy/samples/pattern-effect-details

于 2022-01-13T16:14:28.200 回答