Initiative module does not handle empty definition parameters
gettek opened this issue · comments
Some policy definitions (Built-In or Custom) may have empty parameters which the initiative module does not handle correctly
See PR #45
Hi there, first of all: thanks for fixing this! The fix works for policy definitions.
However, I still have similar issues in the following two cases:
- when assigning a policy initiative that has parameters, but you don't assign any (so the initiative will use defaults only. Prime example: the Azure Security Benchmark). This results in the following change at every apply:
Workaround: take a random parameter and assign the default value. This will apply the parameter, change nothing but prevent the change at every Terraform apply. - when including policies that do not have any parameters in an initiative. This will happen:
Workaround: I modified line 23 in modules > initiative > main.tf and included a length check. Instead of
parameter_values = jsonencode({
I wrote
parameter_values = (length(policy_definition_reference.value.parameters) == 0) ? "" : jsonencode({
Both of these seem like provider issues at heart, similar to this one.
My workarounds work, but you might be able to handle them in a better way in case you are interested. I just required a quick & dirty fix...
@toby-p9 thanks for bringing this to light, I will run some tests and raise a fix soon