gettek / terraform-azurerm-policy-as-code

Terraform modules that simplify the workflow of custom and built-in Azure Policies

Home Page: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/policy-as-code


definition mode not read from the custom policy object?

mezzofix opened this issue · comments

Hi @gettek

Is there any reason why the definition's mode value is not being read from the custom policy object like other parameters such as name and display name?

policy_name = coalesce(var.policy_name, try((local.policy_object).name, null))
display_name = coalesce(var.display_name, try((local.policy_object).properties.displayName, local.title))
description = coalesce(var.policy_description, try((local.policy_object).properties.description, local.title))
metadata = coalesce(var.policy_metadata, try((local.policy_object).properties.metadata, merge({ category = local.category },{ version = local.version })))
parameters = coalesce(var.policy_parameters, try((local.policy_object).properties.parameters, null))
policy_rule = coalesce(var.policy_rule, try((local.policy_object).properties.policyRule, null))

Thanks a lot!

Hi @mezzofix

Good point... I must have overlooked this, or there might have been a good reason to have it as an explicit variable, I cannot remember, but I can include this in the next release to pick it up from the policy_object.

@gettek Thanks for the quick reply 😊! Maybe it was motivated by the fact that MSFT recommends setting mode to all in most cases: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/definition-structure#resource-manager-modes. That’s also the default value that gets set by the module. But maybe it is a good idea to let the module pull whatever mode was set in the JSON definition?
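
One way the change discussed in this thread could look, as an added example that is not the module's own code. The variable name `policy_mode` and the sample policy JSON are assumptions made for illustration; the point it shows is that the explicit variable has to default to `null`, otherwise `coalesce()` never reaches the value in the definition file.

```hcl
# Added example: resolve "mode" with the same variable -> JSON -> fallback
# pattern the thread quotes for name, displayName and the other attributes.

variable "policy_mode" {
  # Hypothetical variable name, not taken from the module.
  type        = string
  description = "Explicit mode override; null means use the mode from the definition"
  # A non-null default such as "All" would always win inside coalesce(),
  # so the mode written in the JSON definition would be silently ignored.
  default = null
}

locals {
  # Constructed sample standing in for the decoded custom policy file.
  policy_object = jsondecode(<<-JSON
    {
      "name": "deny_example",
      "properties": {
        "displayName": "Deny example",
        "mode": "Indexed",
        "policyRule": {
          "if":   { "field": "type", "equals": "Microsoft.Storage/storageAccounts" },
          "then": { "effect": "deny" }
        }
      }
    }
  JSON
  )

  # 1. explicit variable, 2. mode from the policy object, 3. fallback "All".
  # try() absorbs the error raised when properties.mode is missing.
  mode = coalesce(
    var.policy_mode,
    try((local.policy_object).properties.mode, "All")
  )
}

output "resolved_mode" {
  # "Indexed" for the sample above; "All" if the JSON had no mode
  # and var.policy_mode was left unset.
  value = local.mode
}
```

Checking the resolved mode matters for coverage: a definition authored as `Indexed` only evaluates resource types that support tags and location, so a module that overrides it with `All` (or the reverse) changes which resources the policy is evaluated against.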