Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_policy_assignment policy_definition_id fails validation in 2.6, for built in policy_set expects scope to be prepended #6 #6671

Closed
jarmbruster74 opened this issue Apr 28, 2020 · 4 comments · Fixed by #6792
Closed

azurerm_policy_assignment policy_definition_id fails validation in 2.6, for built in policy_set expects scope to be prepended #6 #6671

jarmbruster74 opened this issue Apr 28, 2020 · 4 comments · Fixed by #6792
Assignees
@ArcturusZhang
Labels
bug service/policy
Milestone
v2.9.0

Comments

@jarmbruster74
Copy link

jarmbruster74 commented Apr 28, 2020
edited
Loading

Terraform (and AzureRM Provider) Version

Terraform v0.12.24
AzureRM 2.7.0

Affected Resource(s)

  • azurerm_policy_assignment

Terraform Configuration Files

resource "azurerm_policy_assignment" "CIS_1_1" {
  name                 = "CIS_1_1"
  policy_definition_id = "/providers/Microsoft.Authorization/policySetDefinitions/1a5bb27d-173f-493e-9568-eb56638dde4d"
  scope                = local.subscription_id

  parameters = <<PARAMETERS
{
  "listOfRegionsWhereNetworkWatcherShouldBeEnabled": {
    "value": [ 
        "centralus",
        "eastus",
        "eastus2",
    ]
  }
}
PARAMETERS
}

Expected Behavior

Policy Set Assignment should be created (this worked fine in 2.5)
This issue was recently fixed for Policy assignments, but the Policy Set Assignment validation is still broken

Actual Behavior

Error: cannot parse "policy_definition_id" as a Policy Definition ID: unable to parse Policy Definition ID "/providers/Microsoft.Authorization/policySetDefinitions/1a5bb27d-173f-493e-9568-eb56638dde4d"

Steps to Reproduce

  1. terraform apply

References
@jarmbruster74
Copy link
Author

@ArcturusZhang - would it be possible to add the same logic for the policy set defintion?

@ArcturusZhang ArcturusZhang self-assigned this Apr 29, 2020
@ArcturusZhang
Copy link
Contributor

Hi @jarmbruster74 no problem. I am working on this.

@ArcturusZhang ArcturusZhang mentioned this issue May 6, 2020
Merged
@katbyte katbyte added this to the v2.9.0 milestone May 6, 2020
katbyte pushed a commit that referenced this issue May 7, 2020
@ArcturusZhang
update azurerm_policy_assignment - allow scopes of policy set defin…
893307f 
…ition without `subscription/<id>` (#6792)

Fixes #6671
@ghost
Copy link

ghost commented May 8, 2020

This has been released in version 2.9.0 of the provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. As an example:

provider "azurerm" {
    version = "~> 2.9.0"
}
# ... other configuration ...

@ghost
Copy link

ghost commented Jun 7, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!

@ghost ghost locked and limited conversation to collaborators Jun 7, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ArcturusZhang ArcturusZhang

Labels
bug service/policy
Projects
None yet
Milestone
v2.9.0
3 participants
@katbyte @jarmbruster74 @ArcturusZhang