You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform (and AzureRM Provider) Version
Terraform v0.12.28
+ provider.azurerm v2.17.0
Affected Resource(s)
azurerm_policy_remediation
Terraform Configuration Files
resource"azurerm_policy_remediation""myremediation" {
name="myremediation"scope=azurerm_management_group.my.idpolicy_assignment_id=azurerm_policy_assignment.my.idpolicy_definition_reference_id="mystring"# <--- this is just a string, not a resourceId
}
Debug Output
Error: cannot parse "policy_definition_reference_id" as a Policy Definition ID: unable to parse Policy Definition ID "DeployDiagnosticsPublicIP"
Expected Behavior
The provider should accept a string for policy_definition_reference_id, it does not have to be not a policy definition resource id.
The validatefunc should be removed from this schema element.
This is confusing at first but the policy_definition_reference_id is not actually the resource ID of the policyDefinition, but simply a string that uniquely identifies the definition inside the policyset. In the JSON for a policySet you can see this additional key.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!
ghost
locked and limited conversation to collaborators
Aug 6, 2020
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Community Note
Terraform (and AzureRM Provider) Version
Affected Resource(s)
azurerm_policy_remediation
Terraform Configuration Files
Debug Output
Expected Behavior
The provider should accept a string for
policy_definition_reference_id
, it does not have to be not a policy definition resource id.The validatefunc should be removed from this schema element.
Actual Behavior
The validatefunc runs and blocks the plan.
https://github.com/terraform-providers/terraform-provider-azurerm/blob/bc115ff09e73676bb49df76bcbfe0f0c17e2478a/azurerm/internal/services/policy/policy_remediation_resource.go#L75-L81
Steps to Reproduce
Important Factoids
This is confusing at first but the
policy_definition_reference_id
is not actually the resource ID of the policyDefinition, but simply a string that uniquely identifies the definition inside the policyset. In the JSON for a policySet you can see this additional key.See docs here: https://docs.microsoft.com/en-us/rest/api/resources/policysetdefinitions/createorupdate#definitions
Or a snip here:
The PolicySetDefinitionReference is a unique ID within the policyset, not a resourceId
the JSON for creating a policyset looks like this:
The text was updated successfully, but these errors were encountered: