Azure Policy
An Azure service that is used to implement corporate governance and standards at scale for Azure resources.
819 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I want an Azure policy in place that requires all new resources to have an "Environment" tag. With that tag I only want there to be three acceptable values: Test, Prod and Dev. If the value doesn't meet the predefined value, it fails validation. Does anyone know how to achieve this, or how to create a tagging policy that will enforce a tag with predefined values?
@PhrygianMode Here is a sample azure policy to enforce a tag with pre-defined values. Kindly check and tweak it based on your requirement.
{
"mode": "Indexed",
"policyRule": {
"if": {
"not": {
"field": "[concat('tags[', parameters('tagName'), ']')]",
"in": "[parameters('tagValue')]"
}
},
"then": {
"effect": "deny"
}
},
"parameters": {
"tagName": {
"type": "String",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'environment'"
}
},
"tagValue": {
"type": "Array",
"metadata": {
"displayName": "Tag Value",
"description": "Value of the tag, such as 'production'"
},
"allowedValues": [
"Dev",
"Test",
"Prod"
]
}
}
}