From 0308e4120d2e64b7e5584b0d2daf39670c3cb613 Mon Sep 17 00:00:00 2001
From: njucz <zhcheng@microsoft.com>
Date: Wed, 10 Mar 2021 11:14:25 +0800
Subject: [PATCH] update

---
 .../authorization/role_assignment_resource.go | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/azurerm/internal/services/authorization/role_assignment_resource.go b/azurerm/internal/services/authorization/role_assignment_resource.go
index 302f27e7994a..63a7b9399321 100644
--- a/azurerm/internal/services/authorization/role_assignment_resource.go
+++ b/azurerm/internal/services/authorization/role_assignment_resource.go
@@ -99,9 +99,10 @@ func resourceArmRoleAssignment() *schema.Resource {
 			},
 
 			"description": {
-				Type:     schema.TypeString,
-				Optional: true,
-				ForceNew: true,
+				Type:         schema.TypeString,
+				Optional:     true,
+				ForceNew:     true,
+				ValidateFunc: validation.StringIsNotEmpty,
 			},
 
 			"condition": {
@@ -180,12 +181,14 @@ func resourceArmRoleAssignmentCreate(d *schema.ResourceData, meta interface{}) e
 		},
 	}
 
-	if v, ok := d.GetOk("condition"); ok {
-		properties.RoleAssignmentProperties.Condition = utils.String(v.(string))
-	}
+	condition := d.Get("condition").(string)
+	conditionVersion := d.Get("condition_version").(string)
 
-	if v, ok := d.GetOk("condition_version"); ok {
-		properties.RoleAssignmentProperties.ConditionVersion = utils.String(v.(string))
+	if condition != "" && conditionVersion != "" {
+		properties.RoleAssignmentProperties.Condition = utils.String(condition)
+		properties.RoleAssignmentProperties.ConditionVersion = utils.String(conditionVersion)
+	} else if condition != "" || conditionVersion != "" {
+		return fmt.Errorf("`condition` and `conditionVersion` should be both set or unset")
 	}
 
 	skipPrincipalCheck := d.Get("skip_service_principal_aad_check").(bool)