az policy definition create erroring if rule contains nested functions #22884

@antonGritsenko

Related command

function Get-SafeJson([string]$inputJson){
   $value = $inputJson -replace "  ", ""
   $value = $value -replace "`r`n", ""
   return $value
}
$policyInfo = @{
  Data = @{name = "test";displayName="test"; description="";mode="All"}
  Rules =Get-Content "policy_rules.json" -Raw;
  Parameters=Get-Content "policy_params.json" -Raw;
}
az policy definition create -n $($policyInfo.Data.name) --display-name "$($policyInfo.Data.displayName)" --description "$($policyInfo.Data.description)" --mode "$($policyInfo.Data.mode)" --rules "$(Get-SafeJson $($policyInfo.Rules))" --params "$(Get-SafeJson $($policyInfo.Parameters))"

Describe the bug
Error: az : ]","field": "[concat('tags[' was unexpected at this time.

To Reproduce
Create a file policy_rules.json with a rule definition where the rule contains the following (sorry, I can't paste the full file, it contains sensitive info, but this file is based on https://docs.microsoft.com/en-us/azure/governance/policy/samples/pattern-tags):

  "if": {
    "allof": [
      {
        "equals": "Microsoft.Web/serverfarms",
        "field": "type"
      },
      {
        "not": {
          "equals": "[parameters('tagValue')]",
          "field": "[concat('tags[',parameters('tagName'), ']')]"
        }
      },
      {
        "field": "location",
        "in": "[parameters('azureregions')]"
      }
    ]
  }
... more here

[concat('tags[',parameters('tagName'), ']')] is a valid structure for the rule definition; it works fine in the portal.
It also works in the REST API.

Expected behavior
no errors

Environment summary
Install method: MSI
CLI: 2.37.0
Shell: PowerShell (ISE)

Additional context

Metadata

Labels

ARM: az resource/group/lock/tag/deployment/policy/managementapp/account management-group
Auto-Assign: Auto assign by bot
act-identity-squad
customer-reported: Issues that are reported by GitHub users external to the Azure organization.
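
A possible workaround for the report above, as an added example that is not from the issue author or the Azure CLI project: hand `--rules` and `--params` a file path so that no JSON text travels through the command line. It assumes the "was unexpected at this time" message is produced by the Windows command interpreter re-parsing the inline JSON behind the `az` wrapper; the helper name `Test-JsonFile` is hypothetical, and the file names are the ones used in the issue.

```powershell
# Added example; not part of the original issue.
# Assumption: policy_rules.json and policy_params.json are in the current
# directory and each contains a complete JSON document.
$ErrorActionPreference = 'Stop'

function Test-JsonFile([string]$Path) {
    # Parse the file first, so that malformed JSON is reported here and is
    # not mistaken for a command-line quoting problem later.
    $null = Get-Content -LiteralPath $Path -Raw | ConvertFrom-Json
    # Return the absolute path that will be handed to the CLI.
    return (Resolve-Path -LiteralPath $Path).Path
}

$rulesPath  = Test-JsonFile 'policy_rules.json'
$paramsPath = Test-JsonFile 'policy_params.json'

# Build the argument list as an array: each element reaches az as one
# argument, and none of them contains brackets, quotes or parentheses.
$azArgs = @(
    'policy', 'definition', 'create',
    '--name', 'test',
    '--display-name', 'test',
    '--mode', 'All',
    '--rules', $rulesPath,    # file path instead of inline JSON
    '--params', $paramsPath   # file path instead of inline JSON
)

az @azArgs
if ($LASTEXITCODE -ne 0) {
    throw "az policy definition create failed with exit code $LASTEXITCODE"
}
```

The empty `--description` from the original command is left out here, because an empty string argument is itself awkward to pass to a native command from Windows PowerShell.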
