Conflict
policy
config_error
ai_generated
true
Resource was disallowed by policy. Policy: 'Require a tag on resources'
ID: policy/azure-policy-resource-tagging-enforcement
90%Fix Rate
85%Confidence
1Evidence
2023-11-10First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| Azure Policy v1.0 | active | — | — | — |
| Azure CLI 2.40+ | active | — | — | — |
Root Cause
Azure Policy denies resource creation or update if required tags (e.g., 'Environment', 'CostCenter') are missing, but the deployment template or CLI command omitted the tags.
generic中文
Azure Policy 在缺少必需标签(如 'Environment'、'CostCenter')时拒绝资源创建或更新,但部署模板或 CLI 命令未包含标签。
Official Documentation
https://learn.microsoft.com/en-us/azure/governance/policy/concepts/effectsWorkarounds
-
90% success Include the required tags in the ARM template or Bicep file under the 'tags' property.
Include the required tags in the ARM template or Bicep file under the 'tags' property.
-
85% success Use Azure CLI with --tags parameter when creating resources.
Use Azure CLI with --tags parameter when creating resources.
中文步骤
在 ARM 模板或 Bicep 文件的 'tags' 属性中包含必需标签。
使用 Azure CLI 创建资源时添加 --tags 参数。
Dead Ends
Common approaches that don't work:
-
80% fail
Azure Policy deny effect blocks the resource creation entirely; the resource never exists to be updated.
-
60% fail
Requires Contributor permissions at the management group level, which most developers lack, and violates compliance requirements.