You can use a Regex for username matching in a source condition, but you can only do this if the authentication realm used is either LDAP or RADIUS, not natively with IWA. You can however configure your ActiveDirectory as an LDAP realm and then use this method.
For example you want to create a rule to allow any access to all users whose username matches the format of admin-XXXXX. In this example, ActiveDirectory has been defined as an LDAP realm using the LDAP Attribute Name sAMAccountName:
You can now use this object as a source condition in your policy: