From b03a3042ddb0928298e15c20e099ced742aa57b4 Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Tue, 18 Dec 2018 14:00:49 +0100 Subject: [PATCH 01/27] Added new resource: azurerm_policy_set_definition --- azurerm/config.go | 9 +- azurerm/provider.go | 1 + azurerm/resource_arm_policy_set_definition.go | 280 ++++++++++++++++++ ...resource_arm_policy_set_definition_test.go | 122 ++++++++ 4 files changed, 410 insertions(+), 2 deletions(-) create mode 100644 azurerm/resource_arm_policy_set_definition.go create mode 100644 azurerm/resource_arm_policy_set_definition_test.go diff --git a/azurerm/config.go b/azurerm/config.go index 2b90332a151e..e0be1bc82b1a 100644 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -321,8 +321,9 @@ type ArmClient struct { appServicesClient web.AppsClient // Policy - policyAssignmentsClient policy.AssignmentsClient - policyDefinitionsClient policy.DefinitionsClient + policyAssignmentsClient policy.AssignmentsClient + policyDefinitionsClient policy.DefinitionsClient + policySetDefinitionsClient policy.SetDefinitionsClient } var ( @@ -1165,6 +1166,10 @@ func (c *ArmClient) registerPolicyClients(endpoint, subscriptionId string, auth policyDefinitionsClient := policy.NewDefinitionsClientWithBaseURI(endpoint, subscriptionId) c.configureClient(&policyDefinitionsClient.Client, auth) c.policyDefinitionsClient = policyDefinitionsClient + + policySetDefinitionsClient := policy.NewSetDefinitionsClientWithBaseURI(endpoint, subscriptionId) + c.configureClient(&policySetDefinitionsClient.Client, auth) + c.policySetDefinitionsClient = policySetDefinitionsClient } func (c *ArmClient) registerManagementGroupClients(endpoint string, auth autorest.Authorizer) { diff --git a/azurerm/provider.go b/azurerm/provider.go index a6f6fde60fd0..8adc25472d8c 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -263,6 +263,7 @@ func Provider() terraform.ResourceProvider { "azurerm_packet_capture": resourceArmPacketCapture(), "azurerm_policy_assignment": resourceArmPolicyAssignment(), "azurerm_policy_definition": resourceArmPolicyDefinition(), + "azurerm_policy_set_definition": resourceArmPolicySetDefinition(), "azurerm_postgresql_configuration": resourceArmPostgreSQLConfiguration(), "azurerm_postgresql_database": resourceArmPostgreSQLDatabase(), "azurerm_postgresql_firewall_rule": resourceArmPostgreSQLFirewallRule(), diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go new file mode 100644 index 000000000000..0af8fd8189fa --- /dev/null +++ b/azurerm/resource_arm_policy_set_definition.go @@ -0,0 +1,280 @@ +package azurerm + +import ( + "context" + "fmt" + "log" + "reflect" + "strings" + + "time" + + "strconv" + + "encoding/json" + + "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/structure" + "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func resourceArmPolicySetDefinition() *schema.Resource { + return &schema.Resource{ + Create: resourceArmPolicySetDefinitionCreateUpdate, + Update: resourceArmPolicySetDefinitionCreateUpdate, + Read: resourceArmPolicySetDefinitionRead, + Delete: resourceArmPolicySetDefinitionDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + "policy_type": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + string(policy.TypeBuiltIn), + string(policy.TypeCustom), + string(policy.TypeNotSpecified), + }, true)}, + + "display_name": { + Type: schema.TypeString, + Required: true, + }, + + "description": { + Type: schema.TypeString, + Optional: true, + }, + + "metadata": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: structure.SuppressJsonDiff, + }, + + "parameters": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: structure.SuppressJsonDiff, + }, + + "policy_definitions": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: policyDefinitionsDiffSuppressFunc, + }, + }, + } +} + +func policyDefinitionsDiffSuppressFunc(k, old, new string, d *schema.ResourceData) bool { + var oldPolicyDefinitions []policy.DefinitionReference + errOld := json.Unmarshal([]byte(old), &oldPolicyDefinitions) + if errOld != nil { + return false + } + + var newPolicyDefinitions []policy.DefinitionReference + errNew := json.Unmarshal([]byte(old), &newPolicyDefinitions) + if errNew != nil { + return false + } + + return reflect.DeepEqual(oldPolicyDefinitions, newPolicyDefinitions) +} + +func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policySetDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name := d.Get("name").(string) + policyType := d.Get("policy_type").(string) + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + + properties := policy.SetDefinitionProperties{ + PolicyType: policy.Type(policyType), + DisplayName: utils.String(displayName), + Description: utils.String(description), + } + + if metaDataString := d.Get("metadata").(string); metaDataString != "" { + metaData, err := structure.ExpandJsonFromString(metaDataString) + if err != nil { + return fmt.Errorf("unable to parse metadata: %s", err) + } + properties.Metadata = &metaData + } + + if parametersString := d.Get("parameters").(string); parametersString != "" { + parameters, err := structure.ExpandJsonFromString(parametersString) + if err != nil { + return fmt.Errorf("unable to parse parameters: %s", err) + } + properties.Parameters = ¶meters + } + + if policyDefinitionsString := d.Get("policy_definitions").(string); policyDefinitionsString != "" { + var policyDefinitions []policy.DefinitionReference + err := json.Unmarshal([]byte(policyDefinitionsString), &policyDefinitions) + if err != nil { + return fmt.Errorf("unable to parse parameters: %s", err) + } + properties.PolicyDefinitions = &policyDefinitions + } + + definition := policy.SetDefinition{ + Name: utils.String(name), + SetDefinitionProperties: &properties, + } + + if _, err := client.CreateOrUpdate(ctx, name, definition); err != nil { + return err + } + + // Policy Definitions are eventually consistent; wait for them to stabilize + log.Printf("[DEBUG] Waiting for Policy Set Definition %q to become available", name) + stateConf := &resource.StateChangeConf{ + Pending: []string{"404"}, + Target: []string{"200"}, + Refresh: policySetDefinitionRefreshFunc(ctx, client, name), + Timeout: 5 * time.Minute, + MinTimeout: 10 * time.Second, + ContinuousTargetOccurence: 10, + } + if _, err := stateConf.WaitForState(); err != nil { + return fmt.Errorf("Error waiting for Policy Set Definition %q to become available: %s", name, err) + } + + resp, err := client.Get(ctx, name) + if err != nil { + return err + } + + d.SetId(*resp.ID) + + return resourceArmPolicySetDefinitionRead(d, meta) +} + +func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policySetDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name, err := parsePolicySetDefinitionNameFromId(d.Id()) + if err != nil { + return err + } + + resp, err := client.Get(ctx, name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + log.Printf("[INFO] Error reading Policy Definition %q - removing from state", d.Id()) + d.SetId("") + return nil + } + + return fmt.Errorf("Error reading Policy Definition %+v", err) + } + + d.Set("name", resp.Name) + + if props := resp.SetDefinitionProperties; props != nil { + d.Set("policy_type", props.PolicyType) + d.Set("display_name", props.DisplayName) + d.Set("description", props.Description) + + if metadata := props.Metadata; metadata != nil { + metadataVal := metadata.(map[string]interface{}) + metadataStr, err := structure.FlattenJsonToString(metadataVal) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `metadata`: %s", err) + } + + d.Set("metadata", metadataStr) + } + + if parameters := props.Parameters; parameters != nil { + paramsVal := props.Parameters.(map[string]interface{}) + parametersStr, err := structure.FlattenJsonToString(paramsVal) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `parameters`: %s", err) + } + + d.Set("parameters", parametersStr) + } + + if policyDefinitions := props.PolicyDefinitions; policyDefinitions != nil { + policyDefinitionsRes, err := json.Marshal(props.PolicyDefinitions) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `policy_defintions`: %s", err) + } + + policyDefinitionsStr := string(policyDefinitionsRes) + d.Set("policy_definitions", policyDefinitionsStr) + } + } + + return nil +} + +func resourceArmPolicySetDefinitionDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policySetDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name, err := parsePolicySetDefinitionNameFromId(d.Id()) + if err != nil { + return err + } + + resp, err := client.Delete(ctx, name) + + if err != nil { + if utils.ResponseWasNotFound(resp) { + return nil + } + + return fmt.Errorf("Error deleting Policy Definition %q: %+v", name, err) + } + + return nil +} + +func parsePolicySetDefinitionNameFromId(id string) (string, error) { + components := strings.Split(id, "/") + + if len(components) == 0 { + return "", fmt.Errorf("Azure Policy Set Definition Id is empty or not formatted correctly: %s", id) + } + + if len(components) != 7 { + return "", fmt.Errorf("Azure Policy Set Definition Id should have 6 segments, got %d: '%s'", len(components)-1, id) + } + + return components[6], nil +} + +func policySetDefinitionRefreshFunc(ctx context.Context, client policy.SetDefinitionsClient, name string) resource.StateRefreshFunc { + return func() (interface{}, string, error) { + res, err := client.Get(ctx, name) + if err != nil { + return nil, strconv.Itoa(res.StatusCode), fmt.Errorf("Error issuing read request in policyAssignmentRefreshFunc for Policy Assignment %q: %s", name, err) + } + + return res, strconv.Itoa(res.StatusCode), nil + } +} diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go new file mode 100644 index 000000000000..e2a9aec5cb1b --- /dev/null +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -0,0 +1,122 @@ +package azurerm + +import ( + "fmt" + "github.com/hashicorp/terraform/terraform" + "net/http" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccAzureRMPolicySetDefinition_basic(t *testing.T) { + resourceName := "azurerm_policy_set_definition.test" + + ri := acctest.RandInt() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMPolicySetDefinitionDestroy, + Steps: []resource.TestStep{ + { + Config: testAzureRMPolicySetDefinition_basic(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMPolicySetDefinitionExists(resourceName), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAzureRMPolicySetDefinition_basic(ri int) string { + return fmt.Sprintf(` +resource "azurerm_policy_set_definition" "test" { + name = "acctestpolset-%d" + policy_type = "Custom" + display_name = "acctestpolset-%d" + + parameters = < Date: Tue, 18 Dec 2018 14:49:58 +0100 Subject: [PATCH 02/27] Added documentation for azurerm_policy_set_definition. --- website/azurerm.erb | 4 + .../r/policy_set_definition.html.markdown | 85 +++++++++++++++++++ 2 files changed, 89 insertions(+) create mode 100644 website/docs/r/policy_set_definition.html.markdown diff --git a/website/azurerm.erb b/website/azurerm.erb index 2d25f057a3a3..b4f6586222bd 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -1031,6 +1031,10 @@ > azurerm_policy_definition + + > + azurerm_policy_set_definition + diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown new file mode 100644 index 000000000000..dfd58d0d26a4 --- /dev/null +++ b/website/docs/r/policy_set_definition.html.markdown @@ -0,0 +1,85 @@ +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_policy_set_definition" +sidebar_current: "docs-azurerm-resource-policy-set-definition" +description: |- + Manages a policy set definition. Policy set definitions (also known as policy initiatives) do not take effect until they are assigned to a scope using a Policy Set Assignment. +--- + +# azurerm_policy_set_definition + +Manages a policy set definition. Policy set definitions (also known as policy initiatives) do not take effect until they are assigned to a scope using a Policy Set Assignment. + +## Example Usage + +```hcl +resource "azurerm_policy_set_definition" "test" { + name = "testPolicySet" + policy_type = "Custom" + display_name = "Test Policy Set" + + parameters = </providers/Microsoft.Authorization/policySetDefinitions/ +``` From e35cb8505c13ffdf27ee5c3859774c8bff7ec829 Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Tue, 18 Dec 2018 15:55:48 +0100 Subject: [PATCH 03/27] Fixed goimports. --- azurerm/resource_arm_policy_set_definition_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go index e2a9aec5cb1b..edcd4e7cdb85 100644 --- a/azurerm/resource_arm_policy_set_definition_test.go +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -2,10 +2,11 @@ package azurerm import ( "fmt" - "github.com/hashicorp/terraform/terraform" "net/http" "testing" + "github.com/hashicorp/terraform/terraform" + "github.com/hashicorp/terraform/helper/acctest" "github.com/hashicorp/terraform/helper/resource" ) From 9565158a5de424356bef6c504223963a33b595b2 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:40:45 +0100 Subject: [PATCH 04/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 0af8fd8189fa..63d9fc6c3ea4 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -116,7 +116,7 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int if metaDataString := d.Get("metadata").(string); metaDataString != "" { metaData, err := structure.ExpandJsonFromString(metaDataString) if err != nil { - return fmt.Errorf("unable to parse metadata: %s", err) + return fmt.Errorf("unable to expand metadata json: %s", err) } properties.Metadata = &metaData } From fe23ffbc23cfcef1dcd033a2f495683894544230 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:41:01 +0100 Subject: [PATCH 05/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 63d9fc6c3ea4..3d4dd77b5932 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -124,7 +124,7 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int if parametersString := d.Get("parameters").(string); parametersString != "" { parameters, err := structure.ExpandJsonFromString(parametersString) if err != nil { - return fmt.Errorf("unable to parse parameters: %s", err) + return fmt.Errorf("unable to expand parameters json: %s", err) } properties.Parameters = ¶meters } From a79d556d775723d9a5a9f5a5878fb49b5e4a9fb5 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:41:13 +0100 Subject: [PATCH 06/27] Update website/docs/r/policy_set_definition.html.markdown Co-Authored-By: olohmann --- website/docs/r/policy_set_definition.html.markdown | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index dfd58d0d26a4..006359b458d8 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -8,7 +8,9 @@ description: |- # azurerm_policy_set_definition -Manages a policy set definition. Policy set definitions (also known as policy initiatives) do not take effect until they are assigned to a scope using a Policy Set Assignment. +Manages a policy set definition. + +-> **NOTE:** Policy set definitions (also known as policy initiatives) do not take effect until they are assigned to a scope using a Policy Set Assignment. ## Example Usage From 71599ccd7e80a6682a0ffaa65e082ba4ca200f0e Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:41:56 +0100 Subject: [PATCH 07/27] Update website/docs/r/policy_set_definition.html.markdown Co-Authored-By: olohmann --- website/docs/r/policy_set_definition.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index 006359b458d8..940a0b320f63 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -55,7 +55,7 @@ The following arguments are supported: * `name` - (Required) The name of the policy set definition. Changing this forces a new resource to be created. -* `policy_type` - (Required) The policy set type. The value can be "BuiltIn", "Custom" +* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or "NotSpecified". Changing this forces a new resource to be created. * `display_name` - (Required) The display set name of the policy definition. From 7bed6de9f152a1b6c82e541f7c6d8ffd91dc4ab4 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:42:21 +0100 Subject: [PATCH 08/27] Update website/docs/r/policy_set_definition.html.markdown Co-Authored-By: olohmann --- website/docs/r/policy_set_definition.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index 940a0b320f63..008bf49657e0 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -3,7 +3,7 @@ layout: "azurerm" page_title: "Azure Resource Manager: azurerm_policy_set_definition" sidebar_current: "docs-azurerm-resource-policy-set-definition" description: |- - Manages a policy set definition. Policy set definitions (also known as policy initiatives) do not take effect until they are assigned to a scope using a Policy Set Assignment. + Manages a policy set definition. --- # azurerm_policy_set_definition From 4538cf251c2731739740105bd5baa18425322167 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:42:32 +0100 Subject: [PATCH 09/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 3d4dd77b5932..a4fc4ee52ddd 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -133,7 +133,7 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int var policyDefinitions []policy.DefinitionReference err := json.Unmarshal([]byte(policyDefinitionsString), &policyDefinitions) if err != nil { - return fmt.Errorf("unable to parse parameters: %s", err) + return fmt.Errorf("unable to expand parameters json: %s", err) } properties.PolicyDefinitions = &policyDefinitions } From a3a60661561c3d857ba6da1869f4a3911c280bb0 Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:42:42 +0100 Subject: [PATCH 10/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 1 - 1 file changed, 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index a4fc4ee52ddd..637771f0e406 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -242,7 +242,6 @@ func resourceArmPolicySetDefinitionDelete(d *schema.ResourceData, meta interface } resp, err := client.Delete(ctx, name) - if err != nil { if utils.ResponseWasNotFound(resp) { return nil From 29946010bdb62fb542146d773dfd4e837c01eaca Mon Sep 17 00:00:00 2001 From: kt Date: Tue, 18 Dec 2018 18:42:53 +0100 Subject: [PATCH 11/27] Update azurerm/resource_arm_policy_set_definition_test.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go index edcd4e7cdb85..33f7ad5222c6 100644 --- a/azurerm/resource_arm_policy_set_definition_test.go +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -109,7 +109,6 @@ func testCheckAzureRMPolicySetDefinitionDestroy(s *terraform.State) error { name := rs.Primary.Attributes["name"] resp, err := client.Get(ctx, name) - if err != nil { return nil } From 14c7a114cc903776d8188083f090be2d7fad21db Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Tue, 18 Dec 2018 19:10:03 +0100 Subject: [PATCH 12/27] Added parameter validation. --- azurerm/resource_arm_policy_set_definition.go | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 637771f0e406..80ee30e98f14 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -7,6 +7,8 @@ import ( "reflect" "strings" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate" + "time" "strconv" @@ -33,9 +35,10 @@ func resourceArmPolicySetDefinition() *schema.Resource { Schema: map[string]*schema.Schema{ "name": { - Type: schema.TypeString, - Required: true, - ForceNew: true, + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validate.NoEmptyStrings, }, "policy_type": { @@ -49,8 +52,9 @@ func resourceArmPolicySetDefinition() *schema.Resource { }, true)}, "display_name": { - Type: schema.TypeString, - Required: true, + Type: schema.TypeString, + Required: true, + ValidateFunc: validate.NoEmptyStrings, }, "description": { From 5e29dae258269a70360c91c25d7473b503b5b476 Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Tue, 18 Dec 2018 19:10:50 +0100 Subject: [PATCH 13/27] Clean up formatting and import sample. --- .../docs/r/policy_set_definition.html.markdown | 18 ++++++------------ 1 file changed, 6 insertions(+), 12 deletions(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index 008bf49657e0..555ebecdcc44 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -52,25 +52,19 @@ POLICY_DEFINITIONS The following arguments are supported: -* `name` - (Required) The name of the policy set definition. Changing this forces a - new resource to be created. +* `name` - (Required) The name of the policy set definition. Changing this forces a new resource to be created. -* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` - or "NotSpecified". Changing this forces a new resource to be created. +* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or "NotSpecified". Changing this forces a new resource to be created. * `display_name` - (Required) The display set name of the policy definition. -* `policy_definitions` - (Required) The policy definitions for the policy set definition. This - is a json object representing the bundled policy definitions . +* `policy_definitions` - (Required) The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions . * `description` - (Optional) The description of the policy set definition. -* `metadata` - (Optional) The metadata for the policy definition. This - is a json object representing additional metadata that should be stored - with the policy definition. +* `metadata` - (Optional) The metadata for the policy definition. This is a json object representing additional metadata that should be stored with the policy definition. -* `parameters` - (Optional) Parameters for the policy definition. This field - is a json object that allows you to parameterize your policy definition. +* `parameters` - (Optional) Parameters for the policy definition. This field is a json object that allows you to parameterize your policy definition. ## Attributes Reference @@ -83,5 +77,5 @@ The following attributes are exported: Policy Set Definitions can be imported using the `policy set name`, e.g. ```shell -terraform import azurerm_policy_set_definition.testPolicy /subscriptions//providers/Microsoft.Authorization/policySetDefinitions/ +terraform import azurerm_policy_set_definition.test /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/testPolicySet ``` From ef487575b9803f987395ef827181c07d4e3e7c8b Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Tue, 18 Dec 2018 19:32:39 +0100 Subject: [PATCH 14/27] Fixed whitespace. --- azurerm/resource_arm_policy_set_definition_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go index 33f7ad5222c6..0a4872a67018 100644 --- a/azurerm/resource_arm_policy_set_definition_test.go +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -114,7 +114,7 @@ func testCheckAzureRMPolicySetDefinitionDestroy(s *terraform.State) error { } if resp.StatusCode != http.StatusNotFound { - return fmt.Errorf("policy set still exists:%s", *resp.Name) + return fmt.Errorf("policy set still exists: %s", *resp.Name) } } From 67bd3e97f0bc45dee247a5089cd89794b71f89e5 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:23:20 +0100 Subject: [PATCH 15/27] Update website/docs/r/policy_set_definition.html.markdown Co-Authored-By: olohmann --- website/docs/r/policy_set_definition.html.markdown | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index 555ebecdcc44..e0804c9f5811 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -54,7 +54,8 @@ The following arguments are supported: * `name` - (Required) The name of the policy set definition. Changing this forces a new resource to be created. -* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or "NotSpecified". Changing this forces a new resource to be created. +* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or `NotSpecified` +. Changing this forces a new resource to be created. * `display_name` - (Required) The display set name of the policy definition. From 5f25b444639201e449d431e75d61956ac27446f7 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:23:35 +0100 Subject: [PATCH 16/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 80ee30e98f14..0d78d9dbd8da 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -148,7 +148,7 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int } if _, err := client.CreateOrUpdate(ctx, name, definition); err != nil { - return err + return fmt.Errorf("Error creating/updating Policy Set Definition %q: %s", name, err) } // Policy Definitions are eventually consistent; wait for them to stabilize From a3f42a01f21434fb3f56b62c2fa9a410a87d9e19 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:23:47 +0100 Subject: [PATCH 17/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 0d78d9dbd8da..413b9dbd893b 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -251,7 +251,7 @@ func resourceArmPolicySetDefinitionDelete(d *schema.ResourceData, meta interface return nil } - return fmt.Errorf("Error deleting Policy Definition %q: %+v", name, err) + return fmt.Errorf("Error deleting Policy Set Definition %q: %+v", name, err) } return nil From 551a7a79a2b3c4b4f9f538f665ef836084243eb1 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:24:02 +0100 Subject: [PATCH 18/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 413b9dbd893b..2179ae520a07 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -213,7 +213,7 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{} } if parameters := props.Parameters; parameters != nil { - paramsVal := props.Parameters.(map[string]interface{}) + paramsVal := parameters.(map[string]interface{}) parametersStr, err := structure.FlattenJsonToString(paramsVal) if err != nil { return fmt.Errorf("unable to flatten JSON for `parameters`: %s", err) From 32da5106b0084036922b2c13c14bbd630124bc6a Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:24:59 +0100 Subject: [PATCH 19/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 2179ae520a07..467e0c2951e9 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -94,7 +94,7 @@ func policyDefinitionsDiffSuppressFunc(k, old, new string, d *schema.ResourceDat } var newPolicyDefinitions []policy.DefinitionReference - errNew := json.Unmarshal([]byte(old), &newPolicyDefinitions) + errNew := json.Unmarshal([]byte(new), &newPolicyDefinitions) if errNew != nil { return false } From faabcf31164dcdcabd31b657bd64d9cbd70dce1d Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:25:19 +0100 Subject: [PATCH 20/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 467e0c2951e9..90f6c21a9cc2 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -167,7 +167,7 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int resp, err := client.Get(ctx, name) if err != nil { - return err + return fmt.Errorf("Error retrieving Policy Set Definition %q: %s", name, err) } d.SetId(*resp.ID) From 78372b8b873e89957e81c0768cd035a17047d757 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:27:39 +0100 Subject: [PATCH 21/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 90f6c21a9cc2..703f9be3c657 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -223,7 +223,7 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{} } if policyDefinitions := props.PolicyDefinitions; policyDefinitions != nil { - policyDefinitionsRes, err := json.Marshal(props.PolicyDefinitions) + policyDefinitionsRes, err := json.Marshal(policyDefinitions) if err != nil { return fmt.Errorf("unable to flatten JSON for `policy_defintions`: %s", err) } From 73720f39af78f72a8aa230f17422aa59aae989b5 Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:28:22 +0100 Subject: [PATCH 22/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 703f9be3c657..a3f09b84540c 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -49,7 +49,7 @@ func resourceArmPolicySetDefinition() *schema.Resource { string(policy.TypeBuiltIn), string(policy.TypeCustom), string(policy.TypeNotSpecified), - }, true)}, + }, false)}, "display_name": { Type: schema.TypeString, From f277daf700b22208c2d6df645720ba48a687a39a Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:28:41 +0100 Subject: [PATCH 23/27] Update website/docs/r/policy_set_definition.html.markdown Co-Authored-By: olohmann --- website/docs/r/policy_set_definition.html.markdown | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index e0804c9f5811..7a5f2f091cca 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -75,7 +75,7 @@ The following attributes are exported: ## Import -Policy Set Definitions can be imported using the `policy set name`, e.g. +Policy Set Definitions can be imported using the Resource ID, e.g. ```shell terraform import azurerm_policy_set_definition.test /subscriptions/00000000-0000-0000-0000-000000000000/providers/Microsoft.Authorization/policySetDefinitions/testPolicySet From c11d20dbbc11aad37cb2488fce669ba8c533b7cb Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:45:56 +0100 Subject: [PATCH 24/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index a3f09b84540c..45432723adb8 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -192,7 +192,7 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{} return nil } - return fmt.Errorf("Error reading Policy Definition %+v", err) + return fmt.Errorf("Error reading Policy Set Definition %+v", err) } d.Set("name", resp.Name) From e105206e442b73f64cee574b0e6f286def95f22c Mon Sep 17 00:00:00 2001 From: Tom Harvey Date: Wed, 19 Dec 2018 19:46:15 +0100 Subject: [PATCH 25/27] Update azurerm/resource_arm_policy_set_definition.go Co-Authored-By: olohmann --- azurerm/resource_arm_policy_set_definition.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index 45432723adb8..a6f7737e9aa8 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -187,7 +187,7 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{} resp, err := client.Get(ctx, name) if err != nil { if utils.ResponseWasNotFound(resp.Response) { - log.Printf("[INFO] Error reading Policy Definition %q - removing from state", d.Id()) + log.Printf("[INFO] Error reading Policy Set Definition %q - removing from state", d.Id()) d.SetId("") return nil } From 2d4cd010b56800421bd446fa2274709fc32c5759 Mon Sep 17 00:00:00 2001 From: Oliver Lohmann Date: Wed, 19 Dec 2018 20:52:27 +0100 Subject: [PATCH 26/27] Additional acceptance test case for custom policies. --- ...resource_arm_policy_set_definition_test.go | 101 +++++++++++++++++- 1 file changed, 98 insertions(+), 3 deletions(-) diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go index 0a4872a67018..5e1fe1b74d22 100644 --- a/azurerm/resource_arm_policy_set_definition_test.go +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -11,7 +11,7 @@ import ( "github.com/hashicorp/terraform/helper/resource" ) -func TestAccAzureRMPolicySetDefinition_basic(t *testing.T) { +func TestAccAzureRMPolicySetDefinition_built_in_policy(t *testing.T) { resourceName := "azurerm_policy_set_definition.test" ri := acctest.RandInt() @@ -22,7 +22,7 @@ func TestAccAzureRMPolicySetDefinition_basic(t *testing.T) { CheckDestroy: testCheckAzureRMPolicySetDefinitionDestroy, Steps: []resource.TestStep{ { - Config: testAzureRMPolicySetDefinition_basic(ri), + Config: testAzureRMPolicySetDefinition_built_in_policy(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMPolicySetDefinitionExists(resourceName), ), @@ -36,7 +36,32 @@ func TestAccAzureRMPolicySetDefinition_basic(t *testing.T) { }) } -func testAzureRMPolicySetDefinition_basic(ri int) string { +func TestAccAzureRMPolicySetDefinition_custom_policy(t *testing.T) { + resourceName := "azurerm_policy_set_definition.test" + + ri := acctest.RandInt() + + resource.ParallelTest(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMPolicySetDefinitionDestroy, + Steps: []resource.TestStep{ + { + Config: testAzureRMPolicySetDefinition_custom_policy(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMPolicySetDefinitionExists(resourceName), + ), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + +func testAzureRMPolicySetDefinition_built_in_policy(ri int) string { return fmt.Sprintf(` resource "azurerm_policy_set_definition" "test" { name = "acctestpolset-%d" @@ -72,6 +97,76 @@ POLICY_DEFINITIONS `, ri, ri) } +func testAzureRMPolicySetDefinition_custom_policy(ri int) string { + return fmt.Sprintf(` +resource "azurerm_policy_definition" "test" { + name = "acctestpol-%d" + policy_type = "Custom" + mode = "All" + display_name = "acctestpol-%d" + + policy_rule = < Date: Thu, 20 Dec 2018 09:37:14 +0000 Subject: [PATCH 27/27] Fixing issues from code review --- azurerm/resource_arm_policy_set_definition.go | 18 +++++++----------- .../resource_arm_policy_set_definition_test.go | 16 ++++++++-------- .../docs/r/policy_set_definition.html.markdown | 9 ++++----- 3 files changed, 19 insertions(+), 24 deletions(-) diff --git a/azurerm/resource_arm_policy_set_definition.go b/azurerm/resource_arm_policy_set_definition.go index a6f7737e9aa8..0e379336092f 100644 --- a/azurerm/resource_arm_policy_set_definition.go +++ b/azurerm/resource_arm_policy_set_definition.go @@ -2,24 +2,20 @@ package azurerm import ( "context" + "encoding/json" "fmt" "log" "reflect" + "strconv" "strings" - - "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate" - "time" - "strconv" - - "encoding/json" - "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy" "github.com/hashicorp/terraform/helper/resource" "github.com/hashicorp/terraform/helper/schema" "github.com/hashicorp/terraform/helper/structure" "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/validate" "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" ) @@ -48,8 +44,8 @@ func resourceArmPolicySetDefinition() *schema.Resource { ValidateFunc: validation.StringInSlice([]string{ string(policy.TypeBuiltIn), string(policy.TypeCustom), - string(policy.TypeNotSpecified), - }, false)}, + }, false), + }, "display_name": { Type: schema.TypeString, @@ -198,7 +194,7 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{} d.Set("name", resp.Name) if props := resp.SetDefinitionProperties; props != nil { - d.Set("policy_type", props.PolicyType) + d.Set("policy_type", string(props.PolicyType)) d.Set("display_name", props.DisplayName) d.Set("description", props.Description) @@ -275,7 +271,7 @@ func policySetDefinitionRefreshFunc(ctx context.Context, client policy.SetDefini return func() (interface{}, string, error) { res, err := client.Get(ctx, name) if err != nil { - return nil, strconv.Itoa(res.StatusCode), fmt.Errorf("Error issuing read request in policyAssignmentRefreshFunc for Policy Assignment %q: %s", name, err) + return nil, strconv.Itoa(res.StatusCode), fmt.Errorf("Error issuing read request in policySetDefinitionRefreshFunc for Policy Set Definition %q: %s", name, err) } return res, strconv.Itoa(res.StatusCode), nil diff --git a/azurerm/resource_arm_policy_set_definition_test.go b/azurerm/resource_arm_policy_set_definition_test.go index 5e1fe1b74d22..d2930c6709b1 100644 --- a/azurerm/resource_arm_policy_set_definition_test.go +++ b/azurerm/resource_arm_policy_set_definition_test.go @@ -11,7 +11,7 @@ import ( "github.com/hashicorp/terraform/helper/resource" ) -func TestAccAzureRMPolicySetDefinition_built_in_policy(t *testing.T) { +func TestAccAzureRMPolicySetDefinition_builtIn(t *testing.T) { resourceName := "azurerm_policy_set_definition.test" ri := acctest.RandInt() @@ -22,7 +22,7 @@ func TestAccAzureRMPolicySetDefinition_built_in_policy(t *testing.T) { CheckDestroy: testCheckAzureRMPolicySetDefinitionDestroy, Steps: []resource.TestStep{ { - Config: testAzureRMPolicySetDefinition_built_in_policy(ri), + Config: testAzureRMPolicySetDefinition_builtIn(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMPolicySetDefinitionExists(resourceName), ), @@ -36,7 +36,7 @@ func TestAccAzureRMPolicySetDefinition_built_in_policy(t *testing.T) { }) } -func TestAccAzureRMPolicySetDefinition_custom_policy(t *testing.T) { +func TestAccAzureRMPolicySetDefinition_custom(t *testing.T) { resourceName := "azurerm_policy_set_definition.test" ri := acctest.RandInt() @@ -47,7 +47,7 @@ func TestAccAzureRMPolicySetDefinition_custom_policy(t *testing.T) { CheckDestroy: testCheckAzureRMPolicySetDefinitionDestroy, Steps: []resource.TestStep{ { - Config: testAzureRMPolicySetDefinition_custom_policy(ri), + Config: testAzureRMPolicySetDefinition_custom(ri), Check: resource.ComposeTestCheckFunc( testCheckAzureRMPolicySetDefinitionExists(resourceName), ), @@ -61,7 +61,7 @@ func TestAccAzureRMPolicySetDefinition_custom_policy(t *testing.T) { }) } -func testAzureRMPolicySetDefinition_built_in_policy(ri int) string { +func testAzureRMPolicySetDefinition_builtIn(ri int) string { return fmt.Sprintf(` resource "azurerm_policy_set_definition" "test" { name = "acctestpolset-%d" @@ -97,7 +97,7 @@ POLICY_DEFINITIONS `, ri, ri) } -func testAzureRMPolicySetDefinition_custom_policy(ri int) string { +func testAzureRMPolicySetDefinition_custom(ri int) string { return fmt.Sprintf(` resource "azurerm_policy_definition" "test" { name = "acctestpol-%d" @@ -185,7 +185,7 @@ func testCheckAzureRMPolicySetDefinitionExists(name string) resource.TestCheckFu } if resp.StatusCode == http.StatusNotFound { - return fmt.Errorf("policy set does not exist: %s", name) + return fmt.Errorf("policy set definition does not exist: %s", name) } return nil @@ -209,7 +209,7 @@ func testCheckAzureRMPolicySetDefinitionDestroy(s *terraform.State) error { } if resp.StatusCode != http.StatusNotFound { - return fmt.Errorf("policy set still exists: %s", *resp.Name) + return fmt.Errorf("policy set definition still exists: %s", *resp.Name) } } diff --git a/website/docs/r/policy_set_definition.html.markdown b/website/docs/r/policy_set_definition.html.markdown index 7a5f2f091cca..8d34c5aff77f 100644 --- a/website/docs/r/policy_set_definition.html.markdown +++ b/website/docs/r/policy_set_definition.html.markdown @@ -54,18 +54,17 @@ The following arguments are supported: * `name` - (Required) The name of the policy set definition. Changing this forces a new resource to be created. -* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or `NotSpecified` -. Changing this forces a new resource to be created. +* `policy_type` - (Required) The policy set type. Possible values are `BuiltIn` or `Custom`. Changing this forces a new resource to be created. -* `display_name` - (Required) The display set name of the policy definition. +* `display_name` - (Required) The display name of the policy set definition. * `policy_definitions` - (Required) The policy definitions for the policy set definition. This is a json object representing the bundled policy definitions . * `description` - (Optional) The description of the policy set definition. -* `metadata` - (Optional) The metadata for the policy definition. This is a json object representing additional metadata that should be stored with the policy definition. +* `metadata` - (Optional) The metadata for the policy set definition. This is a json object representing additional metadata that should be stored with the policy definition. -* `parameters` - (Optional) Parameters for the policy definition. This field is a json object that allows you to parameterize your policy definition. +* `parameters` - (Optional) Parameters for the policy set definition. This field is a json object that allows you to parameterize your policy definition. ## Attributes Reference