Hi @Yahav Horev | CloudTeam.ai,
As per this uservoice feedback item or this Azure document, almost all ARM template functions are available within a policy rule except a few as listed in the Azure document. However, there's a little issue with CurrentUser(), i.e., it isn't an ARM function, and when the policy does a run-time evaluation on existing resources, it would have no idea who the current user is because there isn't one. Nothing triggered that evaluation other than the schedule, so it has no context to the user. So while it might work on a new / updated resource (if that function existed), it wouldn't work when evaluating existing resources for ongoing compliance. And currently we don't have any other equivalent function for CurrentUser() due to a number of reasons (service principals, IaC, etc.). There's only CurrentUser() a very small fraction of the time.
So, if interested, you may comment with your requirement as product feedback in this same uservoice feedback item's comment section and/or you may raise a new uservoice in this uservoice feedback forum. In general, the Azure feature team would check the feasibility of a feature request, prioritize it against the existing feature backlog, add it to the roadmap as appropriate, and would announce and/or update the related Azure document once a feature request is addressed.