Azure Custom Tag Policy, Exclude resource type

azure azure-policy

This way you can mention all the resource types in "notEquals" operator for which you do not want to check for tags.

{
      "if": {
        "allOf": [
          {
            "field": "type",
            "notEquals": "Microsoft.Security/assessments"
          },
          {
            "field": "type",
            "notEquals": "Microsoft.Compute/VirtualMachines"
          },
          {
            "anyOf": [
              {
                "field": "tags['TAG1']",
                "exists": false
              },
              {
                "field": "tags['TAG2']",
                "exists": false
              }
            ]
          }
        ]
      },
      "then": {
        "effect": "audit"
      }
    }

Using "mode": "indexed" instead of "mode": "All" will only match resources that support location and tags.

Source: https://docs.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure#resource-manager-modes

Related

getting a NoneType' object has no attribute 'insert' error in python when inserting text to Text widget in Tkinter [duplicate]
How can I find and click a button that has no text using React Testing Library?
Java home supplied via 'org.gradle.java.home' is invalid. Invalid directory: /usr/local/java/jdk1.8.0_05
Variable type change
How to add page numbers to Postscript/PDF
configuration.devtool should match pattern "^(inline-|hidden-|eval-)?(nosources-)?(cheap-(module-)?)?source-map$"
WebStorm functional snippet React
Function getAccountBalance() doesn't work
Referencing types in monorepo in sibling directory (going below root)
Azure Dashboard Widget for Monetary Credit
How to use $emit / $ on without using $scope?
Linux Hosting: What is the purpose of setting hostname/FQDN in hosts file?