question

SujinaSJ-1789 avatar image
0 Votes"
SujinaSJ-1789 asked SwathiDhanwada-MSFT commented

Issue with Azure policy (custom) for enforcing tags on all resources except resource type that doesn't support tags

We are trying to enforce tags on all resources using a custom policy with mode as indexed (only evaluate resource types that support tags). It is working fine for resources that supports tags, but deny the deployment of resource type that doesn't support tags, for example :-publicIPAddresses

Can someone help us with this issue. Thanks in advance.

@MohammedThahifBK-3336




azure-policy
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SwathiDhanwada-MSFT avatar image
0 Votes"
SwathiDhanwada-MSFT answered

@SujinaSJ-1789 Welcome to Microsoft Q & A Community Forum. When mode property is set to indexed, it evaluates all the resource types which supports tags which you are already aware of. Kindly note that publicIPAddresses does support tags. For more information on list of resource types that support tags, refer this document.

As you mentioned that your azure policy is denying the creation of resource types that doesn't support tags. Can you please share the resource type for which you are facing issue with? Also, if you are unable to deploy publicIPAddresses, I assume that this might be related to another policy within your subscription.

To troubleshoot the creation of resource being denied by policy, you can check below image for resolution. For more information, refer this document.

191381-image.png



image.png (30.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.