Bug: True bool variables not added to terraform.tfvars.json

[sdeguchi]

Is there an existing issue for this?

• I have searched the existing issues

Infrastrcuture as Code Type? (Required)

terraform

Module Versions (Required)

ALZ PowerShell Module: 4.0.0
Accelerator Bootstrap Modules: 4.0.3
Terraform Starter Modules: SLZ
Bicep Starter Modules: N/A

Input arguments of the ALZ-PowerShell-Module (Optional)

---

Basic Inputs

iac: "terraform"
bootstrap: "alz_local"
starter: "microsoft_cloud_for_sovereignty"

Shared Interface Inputs

bootstrap_location: "eastus"
starter_location: "eastus"
root_parent_management_group_id: ""
subscription_id_management: "d1c00641-bc8c-4285-9073-99ac12692ebb"
subscription_id_identity: "06398604-6d33-4ced-bbae-4f8430e0e78b"
subscription_id_connectivity: "d1608aee-3d80-47ab-8759-d75bf83c45ab"

Bootstrap Inputs

target_directory: ""
create_bootstrap_resources_in_azure: false
bootstrap_subscription_id: ""
service_name: "slz"
environment_name: "mgmt"
postfix_number: "1"
apply_alz_archetypes_via_architecture_definition_template: true
architecture_definition_template_path: ""

Starter Module Specific Variables

default_location: "eastus"
allowed_locations: ["eastus"]
allowed_locations_for_confidential_computing: ["eastus"]
default_prefix: "slz"
default_postfix: "sdeguchi1"
subscription_billing_scope: ""
automation_account_name: ""
private_dns_resource_group_id: ""
deploy_bastion: true
ddos_protection_resource_id: ""
log_analytics_workspace_retention_in_days: "365"
use_premium_firewall: true
deploy_ddos_protection: true
ms_defender_for_cloud_email_security_contact: "security_contact@replace_me.com"
policy_assignment_enforcement_mode: "Default"
landing_zone_management_group_children: {
"test": { "id": "test-child-management-group-sdeguchi", "displayName": "Test Child Management Group" }
}
deploy_log_analytics_workspace: false
policy_exemptions: {}
policy_effect: "Deny"
hub_network_address_prefix: "10.20.0.0/16"
customer_policy_sets: {}
customer: "Country/Region"
architecture_definition_override_path: ""
log_analytics_workspace_id: ""
az_firewall_policies_enabled: "true"
tags: {}

Debug Output/Panic Output (Optional)

{
  "allowed_locations": [
    "eastus"
  ],
  "allowed_locations_for_confidential_computing": [
    "eastus"
  ],
  "architecture_definition_override_path": "",
  "architecture_definition_template_path": "",
  "automation_account_name": "",
  "az_firewall_policies_enabled": "true",
  "bastion_outbound_ssh_rdp_ports": [
    "22",
    "3389"
  ],
  "custom_subnets": {
    "AzureBastionSubnet": {
      "address_prefixes": "10.20.15.0/24",
      "name": "AzureBastionSubnet",
      "networkSecurityGroupId": "",
      "routeTableId": ""
    },
    "AzureFirewallSubnet": {
      "address_prefixes": "10.20.254.0/24",
      "name": "AzureFirewallSubnet",
      "networkSecurityGroupId": "",
      "routeTableId": ""
    },
    "GatewaySubnet": {
      "address_prefixes": "10.20.252.0/24",
      "name": "GatewaySubnet",
      "networkSecurityGroupId": "",
      "routeTableId": ""
    }
  },
  "customer": "Country/Region",
  "customer_policy_sets": {},
  "ddos_protection_resource_id": "",
  "default_location": "eastus",
  "default_postfix": "sdeguchi1",
  "default_prefix": "slz",
  "deploy_hub_network": false,
  "deploy_log_analytics_workspace": false,
  "express_route_gateway_config": {
    "name": "noconfigEr"
  },
  "hub_network_address_prefix": "10.20.0.0/16",
  "landing_zone_management_group_children": {
    "test": {
      "id": "test-child-management-group-sdeguchi",
      "displayName": "Test Child Management Group"
    }
  },
  "log_analytics_workspace_id": "",
  "log_analytics_workspace_retention_in_days": "365",
  "ms_defender_for_cloud_email_security_contact": "security_contact@replace_me.com",
  "policy_assignment_enforcement_mode": "Default",
  "policy_effect": "Deny",
  "policy_exemptions": {},
  "private_dns_resource_group_id": "",
  "root_parent_management_group_id": "",
  "subscription_billing_scope": "",
  "subscription_id_connectivity": "d1608aee-3d80-47ab-8759-d75bf83c45ab",
  "subscription_id_identity": "06398604-6d33-4ced-bbae-4f8430e0e78b",
  "subscription_id_management": "d1c00641-bc8c-4285-9073-99ac12692ebb",
  "tags": {},
  "vpn_gateway_config": {
    "name": "noconfigVpn"
  }
}

Expected Behaviour (Required)

All variables have values set for them in the terraform.tfvars.json.

Actual Behaviour (Required)

Boolean variables with default value = true, and variables set to true in the inputs file are not included in the terraform.tfvars.json.

Setting a bool variable from the inputs file using string bool values works("true" or "false") works and interestingly using false also works, but using true does not.

Inputs set to false ("deploy_hub_network" and "deploy_log_analytics_workspace") are included correctly in the terraform.tfvars.json.

Inputs set to true ("apply_alz_archetypes_via_architecture_definition_template", "use_premium_firewall", and "deploy_ddos_protection") are not included in the terraform.tfvars.json.

Steps to Reproduce (Optional)

Use the provided inputs and run Deploy-Accelerator. Check terraform.tfvars.json file in starter module.

Important Factoids (Optional)

No response

References (Optional)

No response

[jaredfholgate]

Will need to investigate and reproduce.

[jaredfholgate]

Released in 4.0.2