Azure Policy - Support for RegEx in Match Conditions
Right now, the "Match" and "notMatch" conditions only support # for digit placeholders and ? for letters. This is okay, but it would be much more useful to support regex expressions. This would needed for define complex naming policies and tagging standards.
If there are specific RegEx expressions needed, please leave them in the comments below. We will be investigating the feasibility. Thanks.
Chris Lewis commented
We use Management Groups, and I'd love some simple matches like "all subscriptions in a Management Group"
Marlo Bell commented
Need to track App or IT Service ID in tags. Current implementation isn't sophisticated enough to be a good enforcer. ???-#### doesn't work because it doesn't control the prefix and the number on the end isn't always 4 digits.
Brooks Vaughn commented
We need more robust pattern matching. RegEx would work but in-lieu of that, then at least support what PowerShell supports.
Why have Like with no support for many wildcards?
Why have Match with no wildcards?
I need something to support a rule where only UDR names that Match "PZI-G???-?-UDR-SLBR-*" are allowed:
Marcio Parente commented
I'm trying to apply the following regex expression and no success.
One would expect regex when it is named match.
Current options cannot be used to match our naming standard. At least more complex conditions needed, for example multiple asterisks.
But why invent something new, when there is a good and relative standard way of doing this (already supported by .net).
Steve Keeler commented
Please consider implement basic regular expression pattern matching. If ReDoS is a concern, then limit so extensions such as back-tracking not implemented. I have multiple customers requesting this functionality.
Nick C commented
I second this idea. Either allow more complex conditions, or allow regular expressions. Even allowing two wildcards within a 'like' condition would be enormously helpful. Right now, enforcing naming policy is cumbersome.