定义 1:
"if": {
"not": {
"field": "tags['Project Identifier']",
"match": "..."
}
定义2:
"if": {
"not": {
"field": "tags['Date']",
"match": "##-##-####"
}
两个定义的效果都是拒绝,我无法将两个策略应用于单个资源组
我认为您可以将它们合并到一个策略文件中,如下所示:
"if": {
"AnyOf": [
your_rule_1,
your_rule_2
]
}
这将拒绝资源,除非两个规则都不匹配
参考: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure#logical-operators