Merge pull request #186 from ElYusubov/development

Update policy that audit resource groups for matching tag values
ElYusubov · Nov 1, 2024 · ea4381b · ea4381b
2 parents b830298 + 06df6a5
commit ea4381b
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/tagging-policies/audit-resourcegroup-tag-and-its-value-match.bicep b/tagging-policies/audit-resourcegroup-tag-and-its-value-match.bicep
@@ -1,9 +1,14 @@
+// audit-resourcegroup-tag-and-its-value-match.bicep
+
+// Set the scope of the deployment
 targetScope = 'subscription'
 
+// Set variables for the policy definition
 var policyName = 'audit-resource-group-tag-and-value-match-pd'
 var policyDisplayName = 'Audit a tag and its value match on resource groups'
 var policyDescription = 'Audits existence of a tag and its value match. Does not apply to individual resources.'
 
+// Create the policy definition
 resource policy 'Microsoft.Authorization/policyDefinitions@2020-09-01' = {
   name: policyName
   properties: {
@@ -51,3 +56,21 @@ resource policy 'Microsoft.Authorization/policyDefinitions@2020-09-01' = {
     }
   }
 }
+
+// Create the policy assignment
+resource policyAssignment 'Microsoft.Authorization/policyAssignments@2020-09-01' = {
+  name: '${policyName}-pa'
+  properties: {
+    policyDefinitionId: policy.id
+    displayName: policyDisplayName
+    description: policyDescription
+    parameters: {
+      tagName: {
+        value: 'Environment'
+      }
+      tagPattern: {
+        value: 'Test'
+      }
+    }
+  }
+}