policy definition data source support specify policy_type

internal/services/policy/policy.go

@@ -10,14 +10,19 @@ import (
 	"github.com/hashicorp/terraform-provider-azurerm/utils"
 )
 
-func getPolicyDefinitionByDisplayName(ctx context.Context, client *policy.DefinitionsClient, displayName, managementGroupName string) (policy.Definition, error) {
+func getPolicyDefinitionByDisplayName(ctx context.Context, client *policy.DefinitionsClient, displayName, managementGroupName string,
+	typ policy.Type) (policy.Definition, error) {
 	var policyDefinitions policy.DefinitionListResultIterator
 	var err error
 
 	if managementGroupName != "" {
 		policyDefinitions, err = client.ListByManagementGroupComplete(ctx, managementGroupName, "", nil)
 	} else {
-		policyDefinitions, err = client.ListComplete(ctx, "", nil)
+		if typ == policy.TypeBuiltIn {
+			policyDefinitions, err = client.ListBuiltInComplete(ctx, "", nil)
+		} else {
+			policyDefinitions, err = client.ListComplete(ctx, "", nil)
+		}
 	}
 	if err != nil {
 		return policy.Definition{}, fmt.Errorf("loading Policy Definition List: %+v", err)
@@ -48,10 +53,10 @@ func getPolicyDefinitionByDisplayName(ctx context.Context, client *policy.Defini
 	return results[0], nil
 }
 
-func getPolicyDefinitionByName(ctx context.Context, client *policy.DefinitionsClient, name, managementGroupName string) (res policy.Definition, err error) {
+func getPolicyDefinitionByName(ctx context.Context, client *policy.DefinitionsClient, name, managementGroupName string, typ policy.Type) (res policy.Definition, err error) {
 	if managementGroupName == "" {
 		res, err = client.GetBuiltIn(ctx, name)
-		if utils.ResponseWasNotFound(res.Response) {
+		if utils.ResponseWasNotFound(res.Response) && typ != policy.TypeBuiltIn {
 			res, err = client.Get(ctx, name)
 		}
 	} else {

internal/services/policy/policy_definition_data_source.go

@@ -55,6 +55,13 @@ func dataSourceArmPolicyDefinition() *pluginsdk.Resource {
 			"policy_type": {
 				Type:     pluginsdk.TypeString,
 				Computed: true,
+				Optional: true,
+				ValidateFunc: validation.StringInSlice(func() (res []string) {
+					for _, val := range policy.PossibleTypeValues() {
+						res = append(res, string(val))
+					}
+					return
+				}(), false),
 			},
 
 			"policy_rule": {
@@ -103,14 +110,15 @@ func dataSourceArmPolicyDefinitionRead(d *pluginsdk.ResourceData, meta interface
 	var policyDefinition policy.Definition
 	var err error
 	// one of display_name and name must be non-empty, this is guaranteed by schema
+	policyType := policy.Type(d.Get("policy_type").(string))
 	if displayName != "" {
-		policyDefinition, err = getPolicyDefinitionByDisplayName(ctx, client, displayName, managementGroupName)
+		policyDefinition, err = getPolicyDefinitionByDisplayName(ctx, client, displayName, managementGroupName, policyType)
 		if err != nil {
 			return fmt.Errorf("reading Policy Definition (Display Name %q): %+v", displayName, err)
 		}
 	}
 	if name != "" {
-		policyDefinition, err = getPolicyDefinitionByName(ctx, client, name, managementGroupName)
+		policyDefinition, err = getPolicyDefinitionByName(ctx, client, name, managementGroupName, policyType)
 		if err != nil {
 			return fmt.Errorf("reading Policy Definition %q: %+v", name, err)
 		}

internal/services/policy/policy_definition_data_source_test.go

@@ -127,6 +127,7 @@ provider "azurerm" {
 
 data "azurerm_policy_definition" "test" {
   display_name = "%s"
+  policy_type  = "BuiltIn"
 }
 `, name)
 }

internal/services/policy/policy_definition_resource.go

@@ -63,7 +63,7 @@ func resourceArmPolicyDefinitionCreateUpdate(d *pluginsdk.ResourceData, meta int
 	}
 
 	if d.IsNewResource() {
-		existing, err := getPolicyDefinitionByName(ctx, client, name, managementGroupName)
+		existing, err := getPolicyDefinitionByName(ctx, client, name, managementGroupName, "")
 		if err != nil {
 			if !utils.ResponseWasNotFound(existing.Response) {
 				return fmt.Errorf("checking for presence of existing Policy Definition %q: %+v", name, err)
@@ -143,7 +143,7 @@ func resourceArmPolicyDefinitionCreateUpdate(d *pluginsdk.ResourceData, meta int
 		return fmt.Errorf("waiting for Policy Definition %q to become available: %+v", name, err)
 	}
 
-	resp, err := getPolicyDefinitionByName(ctx, client, name, managementGroupName)
+	resp, err := getPolicyDefinitionByName(ctx, client, name, managementGroupName, "")
 	if err != nil {
 		return err
 	}
@@ -179,7 +179,7 @@ func resourceArmPolicyDefinitionRead(d *pluginsdk.ResourceData, meta interface{}
 		managementGroupName = managementGroupId.Name
 	}
 
-	resp, err := getPolicyDefinitionByName(ctx, client, id.Name, managementGroupName)
+	resp, err := getPolicyDefinitionByName(ctx, client, id.Name, managementGroupName, "")
 	if err != nil {
 		if utils.ResponseWasNotFound(resp.Response) {
 			log.Printf("[INFO] Error reading Policy Definition %q - removing from state", d.Id())
@@ -259,7 +259,7 @@ func resourceArmPolicyDefinitionDelete(d *pluginsdk.ResourceData, meta interface
 
 func policyDefinitionRefreshFunc(ctx context.Context, client *policy.DefinitionsClient, name, managementGroupID string) pluginsdk.StateRefreshFunc {
 	return func() (interface{}, string, error) {
-		res, err := getPolicyDefinitionByName(ctx, client, name, managementGroupID)
+		res, err := getPolicyDefinitionByName(ctx, client, name, managementGroupID, "")
 		if err != nil {
 			return nil, strconv.Itoa(res.StatusCode), fmt.Errorf("issuing read request in policyAssignmentRefreshFunc for Policy Assignment %q: %+v", name, err)
 		}

website/docs/d/policy_definition.html.markdown

@@ -32,6 +32,8 @@ output "id" {
 
 * `management_group_name` - (Optional) Only retrieve Policy Definitions from this Management Group.
 
+* `policy_type` - (Optional) The Type of the Policy. The only possible values is `BuiltIn`.
+
 ## Attributes Reference
 
 * `id` - The ID of the Policy Definition.