azurerm_policy_set_definition policy_group_names not applying #13791
Labels
Milestone
Comments
|
Hi. Any idea of timeframe to look at this one? Thanks. |
Only on updateI can confirm the behavior at least with updates of a PolicySetDefinition. Preterraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "=2.88.1"
}
}
}
provider "azurerm" {
features {}
}initial deployment with group names setresource "azurerm_policy_set_definition" "PolicySet" {
name = "GroupTestInitiative"
policy_type = "Custom"
display_name = "GroupTestInitiative"
management_group_name = "est"
policy_definition_group {
name = "Group1"
}
policy_definition_group {
name = "Group2"
}
policy_definition_reference {
policy_definition_id = "/providers/Microsoft.Authorization/policyDefinitions/2d21331d-a4c2-4def-a9ad-ee4e1e023beb"
policy_group_names = ["Group1"]
}
policy_definition_reference {
policy_definition_id = "/providers/Microsoft.Authorization/policyDefinitions/0a914e76-4921-4c19-b460-a2d36003525a"
policy_group_names = ["Group2"]
}
}in trace log, groupnames are set on PUT Check via pwsh ❯ Get-AzPolicySetDefinition -Name GroupTestInitiative -ManagementGroupName est | ConvertTo-Json -Depth 99
{
"Name": "GroupTestInitiative",
"ResourceId": "/providers/Microsoft.Management/managementgroups/est/providers/Microsoft.Authorization/policySetDefinitions/GroupTestInitiative",
"ResourceName": "GroupTestInitiative",
"ResourceType": "Microsoft.Authorization/policySetDefinitions",
"SubscriptionId": null,
"PolicySetDefinitionId": "/providers/Microsoft.Management/managementgroups/est/providers/Microsoft.Authorization/policySetDefinitions/GroupTestInitiative",
"Properties": {
"Description": "",
"DisplayName": "GroupTestInitiative",
"Metadata": {
"createdBy": "70000001-e00b-400f-b00b-300000000005",
"createdOn": "2021-12-07T05:55:17.5843717Z",
"updatedBy": null,
"updatedOn": null
},
"Parameters": null,
"PolicyDefinitionGroups": [
{
"name": "Group1"
},
{
"name": "Group2"
}
],
"PolicyDefinitions": [
{
"policyDefinitionReferenceId": "5256048736259605031",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2d21331d-a4c2-4def-a9ad-ee4e1e023beb",
"parameters": {},
"groupNames": [
"Group1"
]
},
{
"policyDefinitionReferenceId": "2719031940633985590",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a914e76-4921-4c19-b460-a2d36003525a",
"parameters": {},
"groupNames": [
"Group2"
]
}
],
"PolicyType": 1
}
}changed group name in tfresource "azurerm_policy_set_definition" "PolicySet" {
name = "GroupTestInitiative"
policy_type = "Custom"
display_name = "GroupTestInitiative"
management_group_name = "est"
policy_definition_group {
name = "Group1"
}
policy_definition_group {
name = "Group2"
}
policy_definition_reference {
policy_definition_id = "/providers/Microsoft.Authorization/policyDefinitions/2d21331d-a4c2-4def-a9ad-ee4e1e023beb"
policy_group_names = ["Group1"]
}
policy_definition_reference {
policy_definition_id = "/providers/Microsoft.Authorization/policyDefinitions/0a914e76-4921-4c19-b460-a2d36003525a"
policy_group_names = ["Group1"]
}
}plan shows the expected changes. Check via pwsh ❯ Get-AzPolicySetDefinition -Name GroupTestInitiative -ManagementGroupName est | ConvertTo-Json -Depth 99
{
"Name": "GroupTestInitiative",
"ResourceId": "/providers/Microsoft.Management/managementgroups/est/providers/Microsoft.Authorization/policySetDefinitions/GroupTestInitiative",
"ResourceName": "GroupTestInitiative",
"ResourceType": "Microsoft.Authorization/policySetDefinitions",
"SubscriptionId": null,
"PolicySetDefinitionId": "/providers/Microsoft.Management/managementgroups/est/providers/Microsoft.Authorization/policySetDefinitions/GroupTestInitiative",
"Properties": {
"Description": "",
"DisplayName": "GroupTestInitiative",
"Metadata": {
"createdBy": "70000001-e00b-400f-b00b-300000000005",
"createdOn": "2021-12-07T05:55:17.5843717Z",
"updatedBy": "70000001-e00b-400f-b00b-300000000005",
"updatedOn": "2021-12-07T06:05:20.6461404Z"
},
"Parameters": null,
"PolicyDefinitionGroups": [
{
"name": "Group1"
},
{
"name": "Group2"
}
],
"PolicyDefinitions": [
{
"policyDefinitionReferenceId": "5256048736259605031",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/2d21331d-a4c2-4def-a9ad-ee4e1e023beb",
"parameters": {}
},
{
"policyDefinitionReferenceId": "2719031940633985590",
"policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0a914e76-4921-4c19-b460-a2d36003525a",
"parameters": {}
}
],
"PolicyType": 1
}
} |
|
I have the same issue, on initial deploy it is fine, after any adjustment it clears out the groups and keeps reporting the need to change it, running apply does not help, only a destroy and apply can get things in a correct state again. |
aurelschwitter
added a commit
to aurelschwitter/terraform-provider-azurerm
that referenced
this issue
Jan 6, 2023
|
Having the same issue, investigated with @aurelschwitter, he found out it seems to be a missing line in the terraform provider: In the Update method, a line defining GroupNames is missing. It is present in the definition function just a couple of lines below. Looks like a simple oversight and an easy fix. He'll go for a merge request, let's hope it gets approved. |
|
Closed by #19890 |
ricleal-fugue
added a commit
to LuminalHQ/terraform-provider-azurerm
that referenced
this issue
Jan 13, 2023
* CHANGELOG hashicorp#19722 * CHANGELOG hashicorp#19669 * Docs: Fix possible values mismatch between document and schema validator (hashicorp#19690) * New Resource : `azurerm_cognitive_deployment` (hashicorp#19526) * CHANGELOG hashicorp#19526 * New Resource: `azurerm_resource_deployment_script` (hashicorp#19436) Fix hashicorp#13581 * CHANGELOG hashicorp#19436 * Docs: more documents fix for syntax, optional/required and possible values (hashicorp#19733) * `azurerm_stream_analytics_output_blob` - fix type conversion for `batch_min_rows` (hashicorp#19732) fixes hashicorp#19725 * `azurerm_monitor_diagnostic_setting` - fix tests caused by service API behavior change (hashicorp#19762) * Docs: Fix missed/odd default values in document (hashicorp#19760) * Docs: fix outdated timeout values, or add missed timeouts lines of all resources (hashicorp#19756) * `azurerm_postgresql_flexible_server` - add nil check for `authentication` (hashicorp#19755) fixes hashicorp#19752 * `azurerm_key_vault` - fix mismatch document of `access_policy` (hashicorp#19753) * New resource `azurerm_key_vault_certificate_contacts` (hashicorp#19743) Close hashicorp#10256 Close hashicorp#16642 * CHANGELOG hashicorp#19743 * new resource: `azurerm_spring_cloud_customized_accelerator` (hashicorp#19736) * CHANGELOG hashicorp#19736 * new resource: `azurerm_billing_account_cost_management_export` (hashicorp#19723) Fixes hashicorp#14726 * CHANGELOG hashicorp#19723 * v3.37.0 * `azurerm_synapse_linked_service` - update document example (hashicorp#19768) * `azurerm_web_pubsub` - moving docs sub-category to messaging (hashicorp#19775) * Update settings.kt * Batch Fix LRO call bugs * update code * update code * update code * update code * update code * update code * `azurerm_postgresql_flexible_server` - Fix test case failure with "HA is disabled for region westus2" issue (hashicorp#19791) * Docs : Fix wrong description of `data.azurerm_key_vault_secret` in tf doc (hashicorp#19787) Fix hashicorp#19785 * Replace "primary_key" with "primary_connection_string" (hashicorp#19786) * update code * Updating based on c2554b6e * Fix missing/redundent props in doc (hashicorp#19821) * `azurerm_resource_deployment_script` - fix document error of `identity` (hashicorp#19820) * `azurerm_hdinsight_spark_cluster`, `azurerm_hdinsight_kafka_cluster`, `azurerm_hdinsight_interactive_query_cluster`, `azurerm_hdinsight_hbase_cluster`, `azurerm_hdinsight_hadoop_cluster`: Update documentations to match variable names in resources (hashicorp#19811) * `azurerm_app_service_connection`, `azurerm_spring_cloud_connection`, `azurerm_dev_test_global_vm_shutdown_schedule`, `azurerm_dev_test_policy`, `azurerm_dev_test_schedule`, `azurerm_stream_analytics_job`: Update documentations (hashicorp#19812) * `azurerm_site_recovery_replicated_vm`, `azurerm_sentinel_alert_rule_scheduled` and `azurerm_data_share_dataset_kusto_cluster` - fix document (hashicorp#19804) * `azurerm_kubernetes_cluster` - Fix incorrect allowed values and default value in document. (hashicorp#19773) Co-authored-by: zjhe <hezijie@microsoft.com> * `azurerm_datadog_monitor_sso_configuration` - fix default value for `name` to be a literal string (hashicorp#19771) * updating to include hashicorp#19792 * fixing inconsistency in document and code (hashicorp#19824) * Fixing doc of iothub (hashicorp#19829) * hardcode go version for link-milestone * fix (hashicorp#19838) * updating to include hashicorp#19698 * dependencies: updating to version `v0.20230103.1090844` of `github.com/hashicorp/go-azure-sdk` * doc fix: `azurerm_data_protection_backup_policy_disk` removes `resource_group_name` in doc (hashicorp#19839) * `document` remove unsetable `resource_group_name` in `azurerm_iot_time_series_insights_access_policy` (hashicorp#19835) * `document` - fix mismatch `zone` in `azurerm_dedicated_host_group` (hashicorp#19833) * `document` - Fix property name `protocol` in `azurerm_windows_virtual_machine` (hashicorp#19832) * Fix doc mismatch in `azurerm_orchestrated_virtual_machine_scale_set` (hashicorp#19831) * Update settings.kt * `document` - remove `tenant_id`in `azurerm_virutal_machine` which is not exported (hashicorp#19830) * `azurerm_monitor_activity_log_alert` - fix block conflicts (hashicorp#19827) resolves hashicorp#19797 * doc fix: add `azurerm_monitor_scheduled_query_rules_log` and `azurerm_monitor_scheduled_query_rules_alert` missed properties (hashicorp#19837) Co-authored-by: jackofallops <11830746+jackofallops@users.noreply.github.com> * Adding multiple data sources (hashicorp#19628) * CHANGELOG hashicorp#19628 * `azurerm_virtual_desktop_application_group` - Fix `azurerm_virtual_desktop_application_group` force new on `host_pool_id` change (hashicorp#19689) Fix hashicorp#19687 * CHANGELOG hashicorp#19689 * azurerm_linux/windows_web_app - add application_stack node 18-lts (hashicorp#19763) fixes hashicorp#19289 * `azurerm_route_server` - update resource creation future. (hashicorp#19772) * `azurerm_automation_software_update_configuration` - fix `expiry_time` is optional/computed (hashicorp#19774) Fixes hashicorp#19738 * CHANGELOG hashicorp#19774 * `azurerm_batch_pool` - Fix terraform fails to execute(re-run) if `azure_batch_pool` is deleted outside of terraform (hashicorp#19780) Fix hashicorp#19770 * CHANGELOG hashicorp#19780 * [WIP] `azurerm_mssql_database` : Fix test cases failing with "Provisioning is restricted in this region" issue (hashicorp#19794) * azurerm_storage_account_customer_managed_key - support ManagedHSM Key Vaults (hashicorp#19801) * fix documents (hashicorp#19826) Co-authored-by: kt <kt@katbyte.me> * `azurerm_postgresql_flexible_server` - fix acctest for `authentication` (hashicorp#19800) * CHANGELOG hashicorp#19800 * `azurerm_proximity_placement_group` - support `allowed_vm_sizes` and `zone` (hashicorp#19675) Close hashicorp#19379 * CHANGELOG hashicorp#19675 * `hdinsight_kafka_cluster_resource`: deprecate `kafka_management_node` in 4.0 (hashicorp#19423) * CHANGELOG hashicorp#19423 * `document` - fix vmss `ultra_ssd_disk_iops_read_write` and `ultra_ssd_disk_mbps_read_write` * `azurerm_kubernetes_cluster` - `scale_down_mode` can be updated (hashicorp#19823) * Update for hashicorp#19823 * updating to include hashicorp#19840 * updating to include hashicorp#19719 * New Resource: `azurerm_network_manager_network_group` (hashicorp#19593) * CHANGELOG hashicorp#19593 * `azurerm_stream_analytics_reference_input_blob`: Make `storage_account_key` optional when MSI auth is used (hashicorp#19676) Co-authored-by: Alexander Guth <alexander.guth@pwc.com> * CHANGELOG hashicorp#19676 * `azurerm_eventhub` - fix capture feature not being set issue (hashicorp#19836) fix hashicorp#19782 * Fix several wrong logic with 404 response in read * dependencies: updating to `v0.20230105.1121404` of `github.com/hashicorp/go-azure-sdk` * Docs: Fix incorrect properties (hashicorp#19864) * updating to include hashicorp#19872 * updating to include hashicorp#19871 * `azurerm_synapse_linked_service` - report error during create/update (hashicorp#19849) * Update changelog for hashicorp#19849 * `azurerm_dedicated_host` - add support for`LSv3-Type1` type (hashicorp#19875) * Update changelog for hashicorp#19875 * Fix typo in README.md (hashicorp#19878) * `azurerm_storage_share` - Update document for property `access_tier` (hashicorp#19880) Fixes hashicorp#19819 * v3.38.0 * `azurerm_nginx_deployment` - add new GA sku for nginx deployment (hashicorp#19882) * add insensitive parser for APIM Api until migrated to go-azure-sdk * `azurerm_stream_analytics_stream_input_eventhub_v2` - Add an example for MSI auth (hashicorp#19679) * `document` add example for data source `azurerm_disk_encryption_set` (hashicorp#19907) * fix app conf feature no label update (hashicorp#19900) * data source `azurerm_shared_image` - support `purchase_plan` (hashicorp#19873) * Update for hashicorp#19873 and #199000 * `azurerm_logic_app_action_http` - `body` property support "@" symbol (hashicorp#19754) * Update for hashicorp#19754 * `document` - fix import command of `azurerm_api_management_identity_profider_aadb2c` (hashicorp#19910) * Update for hashicorp#19866 * support spark verison 3.3 (hashicorp#19866) * GHA - Add waiting-response label and comment for failures (hashicorp#19895) * `azurerm_databox_edge_device` - swap to typed sdk, add data source. (hashicorp#19914) * `azurerm_cost_anomaly_alert` - New resource (hashicorp#19899) Fixes hashicorp#18062 * CHANGELOG hashicorp#19899 * `azurerm_media_services_account` - support for `encryption`, `public_network_access_enabled` properties (hashicorp#19891) * CHANGELOG hashicorp#19891 * New Data Source: `azurerm_private_dns_resolver` (hashicorp#19885) * CHANGELOG hashicorp#19885 * `azurerm_eventhub_namespace` - adding wait before deletion (hashicorp#19165) * `azurerm_sentinel_automation_rule` - Support for `triggers_on`, `triggers_when` and `condition_json` (deprecates the `condition` property) (hashicorp#19309) Co-authored-by: kt <kt@katbyte.me> Fix hashicorp#18620 * CHANGELOG hashicorp#19309 * `Site Recovery` - swap sdk and upgrade to 2022-10-01, support `network_interface.is_primary` property (hashicorp#19571) Co-authored-by: kt <kt@katbyte.me> * CHANGELOG hashicorp#19571 * New Resource `azurerm_network_manager_subscription_connection` (hashicorp#19617) * CHANGELOG hashicorp#19617 * `azurerm_storage_account` - Add 403 (previously only 401) as a valid status code for lacking permissions to list keys (hashicorp#19645) Co-authored-by: kt <kt@katbyte.me> Fix hashicorp#19622 * CHANGELOG hashicorp#19645 * `azurerm_storage_account` - Add code check for `restore_policy` prerequisites (hashicorp#19822) Co-authored-by: kt <kt@katbyte.me> Fix hashicorp#19799 * New Resource: azurerm_lab_service_lab (hashicorp#19852) * CHANGELOG hashicorp#19852 * `azurerm_public_ip` - fix ddos diff from old version (hashicorp#19860) resolves hashicorp#19855 * `azurerm_maintenance_configuration` - support `in_guest_user_patch_mode` and `install_patches` properties (hashicorp#19865) fixes hashicorp#19790 * CHANGELOG hashicorp#19865 * `azurerm_web_pubsub_hub` - modify event handler type from typeSet to TypeList to respect the user's input order (hashicorp#19886) fix hashicorp#19876 * CHANGELOG hashicorp#19886 * CHANGELOG hashicorp#19825 * `azurerm_api_management_custom_domain` - Allow setting IdentityClientId for retrieving SSL cert from key vault (hashicorp#19881) * `azurerm_mysql_flexible_server` add suport for customer_managed_key (hashicorp#19905) fixes hashicorp#19842 * CHANGELOG hashicorp#19905 * `azurerm_storage_account` - Support `allowed_copy_scope` (hashicorp#19906) Fix hashicorp#19888 * CHANGELOG hashicorp#19906 * New Resource: `azurerm_private_endpoint_application_security_group_association` (hashicorp#19825) Co-authored-by: kt <kt@katbyte.me> Fixes hashicorp#17665 * Doc: `policy_set_definition`'s `policy_definition_id` should not use `policy_set_definition_id` (hashicorp#19929) Fixes hashicorp#19003 * Docs: fix missed properties in document of `automation`, `network`, `fluidrelay server`, etc. (hashicorp#19913) * Docs: fix tf doc issues of `azurerm_media_asset_filter`, `azurerm_media_live_event_output`, `azurerm_sql_database`, `azurerm_analysis_services_server` and `azurerm_mssql_managed_instance_vulnerability_assessment` (hashicorp#19937) * dox fix * update code * Initial check-in... (hashicorp#19927) * Updating based on 3fd84505 * `azurerm_kubernetes_cluster` - `api_server_vnet_integration_enabled` and `api_server_subnet_id` added (PREVIEW) (hashicorp#19438) * `azurerm_kubernetes_cluster` - `api_server_vnet_integration_enabled` and `api_server_subnet_id` added * AccTests * Docs * Make move from subnet to no subnet impossible * Rewrite of `api_server_*` properties to `api_server_access_profile` block * Add subnet id validation * Fix read * Enhance other tests and last doc thingiez * fmt * Fix tests with `private_cluster_on` * Implement comment * Update for hashicorp#19927 and hashicorp#19438 * `azurerm_log_analytics_data_export_rule` - fix `destination_resource_id` doesn't accept Event Hub Namespace (hashicorp#19868) * fix issue 19861 * update code * update code * Update for hashicorp#19868 * update api mangement diagnostic document (hashicorp#19960) Co-authored-by: xuzhang3 <Zhangxu894765> * update machine learning workspace doc (hashicorp#19959) Co-authored-by: xuzhang3 <Zhangxu894765> * `azurerm_vmware_netapp_volume_attachment` - update docs (hashicorp#19958) * fix delete logic for netapp volume * update netapp docs * update file extension * `azurerm_policy_set_definition` - fix empty group names on update (hashicorp#19890) * Add missing groupNames field to policy_set_definition update method (hashicorp#13791) * convert set to string[] * Add acceptance test for `policy_definition_reference.policy_group_names` * fix alignment of comment * remove unneeded comments * Update for hashicorp#19890 * Update GHA for PR Labelling to `CodelyTV/pr-size-labeler@v1` (hashicorp#19961) * resource `azurerm_storage_queue` - add `resource_manager_id` * `azurerm_storage_data_lake_gen2_path`/`azurerm_storage_data_lake_gen2_filesystem` - ACLs generated by default are no longer stored in state to prevent perpetual state diffs (hashicorp#18494) * Update changelog for hashicorp#18494 * Minor documentation change to fix issue 19766 (hashicorp#19974) * Correct changelog typo (hashicorp#19973) * minor frontdoor docs update (hashicorp#19975) * updating to include hashicorp#19969 * `azurerm_app_configuration_key` - fix no label regression issue (hashicorp#19979) * `azurerm_spring_cloud_api_portal` - fix failed testcases (hashicorp#19978) * `azurerm_monitor_diagnostic_setting` - deprecate `log` in favour of `enabled_log` (hashicorp#19504) * deprecate log in favour of enabked_log and disabled_log * deprecate log in favour of enabled_log * add check for empty string * add 4.0 beta flag and review comments * fix ids * use parser in update * fix tests * review comments * fix import id error * update changelog for hashicorp#19504 * `document` - remove redundant space in import commands (hashicorp#19986) * App Service Re-allignment (hashicorp#19685) * Updated for hashicorp#19685 * `document` - Fix wrong import commands (hashicorp#19984) * `azurerm_app_service_source_control_token` - fix import command (hashicorp#19987) * `external_id` needs to reference tenant id when adding AAD group (hashicorp#19981) * publish contributor docs with mkdocs (hashicorp#19883) * mkdocs update permissions (hashicorp#19990) * `azurerm_cosmosdb_account` - remove default value for `default_identity_type` per new API behavior (hashicorp#19956) * Update changelog for hashicorp#19956 * New Data Source: `azurerm_private_dns_resolver_dns_forwarding_ruleset` (hashicorp#19941) * Update changelog for hashicorp#19941 * New Data Source: `azurerm_private_dns_resolver_outbound_endpoint` (hashicorp#19950) * Update changelog for hashicorp#19950 * r/lab_service_lab: passwords are now sensitive / the flatten blocks now set an object (hashicorp#19988) * New Data Source: `azurerm_private_dns_resolver_inbound_endpoint` (hashicorp#19948) * Update changelog for hashicorp#19948 * New Resource `azurerm_media_services_account_filter` (hashicorp#19964) * CHANGELOG hashicorp#19964 * New Resource: `azurerm_lab_service_user` (hashicorp#19957) * CHANGELOG hashicorp#19957 * New Data Source: `azurerm_private_dns_resolver_virtual_network_link` (hashicorp#19951) * Update changelog for hashicorp#19951 * Update CHANGELOG.md (hashicorp#19993) * New resource - `azurerm_application_insights_standard_web_test` (hashicorp#19954) Fixes hashicorp#14184 * CHANGELOG hashicorp#19954 * New Data Source: `azurerm_private_dns_resolver_forwarding_rule` (hashicorp#19947) * Update changelog for hashicorp#19947 * `azurerm_spring_cloud_gateway` - support for the `application_performance_monitoring_types `, `environment_variables` `sensitive_environment_variables` properties (hashicorp#19884) * CHANGELOG hashicorp#19884 * New Resource `azurerm_network_manager_management_group_connection` (hashicorp#19621) * CHANGELOG hashicorp#19621 * New resource: `azurerm_storage_account_local_user` (hashicorp#19592) Co-authored-by: Tom Harvey <tombuildsstuff@users.noreply.github.com> Co-authored-by: kt <kt@katbyte.me> Fix hashicorp#19536 * CHANGELOG hashicorp#19592 * New resource: `azurerm_sentinel_data_connector_threat_intelligence_taxii` (hashicorp#19209) * CHANGELOG hashicorp#19209 * v3.39.0 * `azurerm_cosmosdb_sql_container` - Fix property `included_path` can not be removed issue (hashicorp#19998) * fix issue 19901 * update code * update code * update code * `azurerm_log_analytics `- fixing crash during read (hashicorp#20011) * Update changelog for hashicorp#20011 * Update changelog for hashicorp#19998 * v3.39.1 * fugue PR 2: Remove calls to listKeys on storage * fugue PR 7: Make location optional for network interface * fugue PR 11: fixes for storage account * fugue PR 17: Toggle Printf logging with TF_LOG * fugue PR 18: remove validation func for snapshot name * fugue PR 20: Allow "all" access policy permissions for key vault * fugue PR 25: add configuration set to mysql and postgres * fugue PR 27: Remove storageAccessKey from sqldb extended_auditing_policy * fugue PR 28: Reader only access, adjust validations, dont read secrets * fugue PR 34: Removes admin_username and admin_password from the Container Registry schema * fugue PR 35: Reader permissions support for CosmosDB and Redis * fugue PR 36: Disable validation and remove password field in container_group * fugue PR 39: Added role_type to the Read function. * fugue PR 40: allow for missing OsProfile ComputerName and AdminUsername * fugue PR 42: Handle nil sku in vm scale sets * fugue PR 46: Profile strings can be nil * fugue PR 47: Azure scan failing for azurerm_virtual_machine_scale_set Looks like all the profile is nil * fugue PR 48: Impose 30-second timeout for azurerm_postgresql_configuration_set * fugue PR 51: Add rate limiting * chore: fixed the ID to fetch only the mysql/postgres server * chore: added debug info * chore: added update metodas so we can run it with terraform * feat: add provider module (CLOUD-1078) (#54) * fix permissions for azurerm_storage_account (#55) * comment out list keys Co-authored-by: kt <kt@katbyte.me> Co-authored-by: Xu Wu <xuwu1@microsoft.com> Co-authored-by: Elena Xin <39109137+sinbai@users.noreply.github.com> Co-authored-by: Zhenhua Hu <zhhu@microsoft.com> Co-authored-by: Neil Ye <yechenwei2007@hotmail.com> Co-authored-by: Tao <104055472+teowa@users.noreply.github.com> Co-authored-by: Yichun Ma <yicma@microsoft.com> Co-authored-by: Heng Lu <79895375+ms-henglu@users.noreply.github.com> Co-authored-by: Xiaxin <92154856+xiaxyi@users.noreply.github.com> Co-authored-by: keiranm <keiranm@gmail.com> Co-authored-by: hc-github-team-tf-azure <> Co-authored-by: magodo <wztdyl@sina.com> Co-authored-by: JT <100274846+jiaweitao001@users.noreply.github.com> Co-authored-by: ziyeqf <51212351+ziyeqf@users.noreply.github.com> Co-authored-by: lonegunmanb <lonegunmanb@hotmail.com> Co-authored-by: zjhe <hezijie@microsoft.com> Co-authored-by: Tom Harvey <tombuildsstuff@users.noreply.github.com> Co-authored-by: Yun Liu <yunliu1@microsoft.com> Co-authored-by: Steph <steph@hashicorp.com> Co-authored-by: tombuildsstuff <git@tom.ibuildstuff.eu> Co-authored-by: jackofallops <11830746+jackofallops@users.noreply.github.com> Co-authored-by: steweg <steweg@gmail.com> Co-authored-by: Pierre-Rudolf Gerlach <pgerlach@gmail.com> Co-authored-by: Martijn Baay <martijn.baay@gmail.com> Co-authored-by: Alexander Guth <alexander@familie-guth.com> Co-authored-by: Alexander Guth <alexander.guth@pwc.com> Co-authored-by: Matthew Frahry <mbfrahry@gmail.com> Co-authored-by: Assaf Giladi <123assaf@gmail.com> Co-authored-by: Vaz <74464807+vazsingh@users.noreply.github.com> Co-authored-by: jackofallops <steve@sourceoftruth.co.uk> Co-authored-by: catriona-m <86247157+catriona-m@users.noreply.github.com> Co-authored-by: aristosvo <8375124+aristosvo@users.noreply.github.com> Co-authored-by: Paul Chvl <pchanvallon@gmail.com> Co-authored-by: William <williamoconnor@me.com> Co-authored-by: bwilczynski <me@bwilczynski.com> Co-authored-by: Wodans Son <20408400+WodansSon@users.noreply.github.com> Co-authored-by: xuzhang3 <57888764+xuzhang3@users.noreply.github.com> Co-authored-by: aurelschwitter <35366240+aurelschwitter@users.noreply.github.com> Co-authored-by: Stephen Jennings <stephen.g.jennings@gmail.com> Co-authored-by: dkuzmenok <103177770+dkuzmenok@users.noreply.github.com> Co-authored-by: Neil McG <116887567+McGon-Fid@users.noreply.github.com> Co-authored-by: Oscar <oscar.ssentoogo@spacelinx.com> Co-authored-by: Robert Brandsø <62336565+robertbrandso@users.noreply.github.com> Co-authored-by: ricardo-snyk <ricardo.ferrazleal@snyk.io> Co-authored-by: Evan Nemerson <100213719+evan-snyk@users.noreply.github.com>
|
This functionality has been released in v3.39.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Community Note
Terraform (and AzureRM Provider) Version
Affected Resource(s)
azurerm_policy_set_definitionTerraform Configuration Files
modules/azurerm_policy_set_definition/main.tf
modules/azurerm_policy_set_definition/variables.tf
main.tf
Debug Output
N/A
Panic Output
N/A
Expected Behaviour
The policy initiative should have a group "Tags" created with policy definitions added to that group.
When querying the object using PowerShell after manually adding a policy definition to a group, the groupNames property shows the correct group.
Actual Behaviour
After running "terraform apply", the policy initiative is created and the group "Tags" is created, but no policy definitions are added to the group.
When querying the object using PowerShell, the groupNames property is missing from all policy definitions.
Steps to Reproduce
terraform applyImportant Factoids
None.
References
N/A
The text was updated successfully, but these errors were encountered: