gettek / terraform-azurerm-policy-as-code

Terraform modules that simplify the workflow of custom and built-in Azure Policies

Home Page: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/policy-as-code


Custom policy definition metadata with different data types

jgrexa opened this issue

Issue Template

Prerequisites

  • I am running the latest version
  • I checked the documentation and found no answer
  • I checked to make sure that this issue has not already been filed

Context

When custom policy definition metadata contain different data types, the module fails on the coalesce function.

  • Module Version: 2.8.2
  • Terraform Version:
  • AzureRM Provider Version:
# add code here
  policy_metadata = {
    version  = "1.0.0"
    category = "Network"
    owner    = "Security"
    alzCloudEnvironments = [
      "AzureCloud",
      "AzureChinaCloud",
      "AzureUSGovernment"
    ]
  }

Expected Behavior

Definition module should handle metadata with different data types correctly.

Current Behavior

Failing on error
Call to function "coalesce" failed: all arguments must have the same type.

Possible Solution

Use the try() function instead of coalesce() on https://github.com/gettek/terraform-azurerm-policy-as-code/blob/main/modules/definition/variables.tf#L108

Failure Information (for bugs)

Steps to Reproduce

Failure Logs

Hi @jgrexa, did some digging and came across this: hashicorp/terraform#25014

Try updating the locals validation (variables.tf line 108) to the below and try again, let me know if this helps and I'll fix in the next release:

locals {
   metadata     = coalesce(null, var.policy_metadata, try((local.policy_object).properties.metadata, merge({ category = local.category }, { version = local.version })))
}
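
A minimal reproduction of the failure and of the workaround proposed in the reply, added here as an example; it is not part of the thread or the module's own code. The variable default reuses the metadata from the issue, while `fallback`, the `"General"` category and the output name are assumptions made for illustration.

```hcl
# Constructed reproduction: run `terraform plan` in an empty directory.
variable "policy_metadata" {
  type = any # no fixed shape, so mixed attribute types are accepted here
  default = {
    version  = "1.0.0"
    category = "Network"
    owner    = "Security"
    alzCloudEnvironments = [
      "AzureCloud",
      "AzureChinaCloud",
      "AzureUSGovernment"
    ]
  }
}

locals {
  category = "General" # assumed fallback values
  version  = "1.0.0"

  # Fallback object with string attributes only (hypothetical local name).
  fallback = merge({ category = local.category }, { version = local.version })

  # Fails when uncommented: coalesce() tries to unify its arguments into one
  # type, and an object holding a list cannot be unified with an object that
  # holds only strings:
  #   Call to function "coalesce" failed: all arguments must have the same type.
  # metadata = coalesce(var.policy_metadata, local.fallback)

  # Form from the reply: the leading untyped null makes the result type
  # dynamic, so the object types are not unified and the first non-null
  # argument is returned unchanged.
  metadata = coalesce(null, var.policy_metadata, local.fallback)
}

output "metadata" {
  # Shows the caller's metadata, including the alzCloudEnvironments list.
  value = local.metadata
}
```

Setting `policy_metadata = null` for a run exercises the fallback branch, which returns only `category` and `version`.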