Skip to content

Instantly share code, notes, and snippets.

@andrewmatveychuk
Last active May 14, 2023 16:28
Show Gist options
  • Save andrewmatveychuk/4f83b621a1882163b5bfcd53f3f9b465 to your computer and use it in GitHub Desktop.
Save andrewmatveychuk/4f83b621a1882163b5bfcd53f3f9b465 to your computer and use it in GitHub Desktop.
Sample Azure Policy rule for explicit list of allowed tag values
"parameters": {
"tagAllowedValues": { // List of allowed tag values
"type": "Array", // An array of strings in the format like ["internal", "confidential", "restricted"]
"metadata": {
"displayName": "Tag allowed values",
"description": "List of allowed options"
}
}
// Other policy parameters...
},
"policyRule": {
"if": {
"field": "[[concat('tags[', parameters('tagName'), ']')]", // For example, 'dataProfile' as the tag name
"notIn": "[[parameters('tagAllowedValues')]" // To validate if the tag value is in the provided list of options
},
"then": {
// Some policy effect...
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment