MicrosoftHey SoniaCuff,
Thanks for the article. I have a problem, though, which I am not sure if technical or in my expectation.
My expectation is that it would not allow creation of new resources, unless both tags are present and the resources that are already in place would be marked as non-compliant. Is that correct?
I am using the code as provided, only changed "effect": "deny" and added defaultValue for the parameters - tagName1 = "environment" and tagName2 = "project".
The problem that I am having is that I am able to create a new resource (storage account in my test) with only a single tag, i.e. Project, without providing tag Environment (or vice versa).
Also the policy shows a resource (the storage account) as compliant, despite having only one of the two tags.
So is my understanding not correct that both tags should be present?
Best regards,
Ivan
