We have current tag policy to enforce certain tags on the management group level. however, we would like to create exemption policy to exclude any untaggable Azure resource, eg Solution, Azure DevOps Organization, etc. How can we add it in the code?
"policyRule": {
"if": {
"anyOf": [
{
"field": "tags.ApplicationName",
"exists": false
},
{
"field": "tags.ApplicationID",
"exists": false
},
{
"field": "tags.Branch",
"exists": false
},
{
"field": "tags.Environment",
"exists": false
},
{
"field": "tags.CostCentre",
"exists": false
},
{
"field": "tags.CostCentreName",
"exists": false
}
]
},
"then": {
"effect": "audit"
}
}
``` },