Giters

gettek / terraform-azurerm-policy-as-code

Terraform modules that simplify the workflow of custom and built-in Azure Policies

Home Page:https://learn.microsoft.com/en-us/azure/governance/policy/concepts/policy-as-code

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Initiative module adds 'effect' parameter

szczyrja opened this issue · comments

commented

Issue Template

When using the initiative module with a policy without 'effect' parameter (like "Enable Microsoft Defender for Cloud on your subscription") an error appears.

Prerequisites

  • I am running the latest version
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed

Context

  • Module Version:
  • Terraform Version: 1.2.9
  • AzureRM Provider Version: 3.23.0

Expected Behavior

No 'effect' parameter is added, no error.

Current Behavior

terraform apply fails with the above message

Possible Solution

Handling parameters in a different way

Failure Logs

│ Error: creating Policy Set Definition "corp_initiative": policy.SetDefinitionsClient#CreateOrUpdateAtManagementGroup: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="UndefinedPolicyParameter" Message="The policy set definition 'corp_initiative' is attempting to assign the parameter(s) 'effect' which are not defined in the policy definition 'ac076320-ddcf-4066-b451-6154267e8ad2'."
commented

I believe it was related to the fact of me using the assignment_effect parameter. After it's removed the problem is solved. Closing the issue