forked from gettek/terraform-azurerm-policy-as-code
main.tf
# Custom policy initiative (policy set definition) created at management-group
# scope from the definitions supplied in var.member_definitions.
resource "azurerm_policy_set_definition" "set" {
  name                = var.initiative_name
  display_name        = var.initiative_display_name
  description         = var.initiative_description
  policy_type         = "Custom"
  management_group_id = var.management_group_id
  metadata            = jsonencode(local.metadata)

  # Initiative-level parameters are only sent when local.parameters is non-empty.
  parameters = length(local.parameters) > 0 ? jsonencode(local.parameters) : null

  # One policy_definition_reference block is generated per member definition.
  dynamic "policy_definition_reference" {
    iterator = member
    for_each = [for d in var.member_definitions : {
      id = d.id

      # Reference id: "-", "_" and whitespace become spaces, each word's first
      # letter is upper-cased, the result is cut to 64 characters, then the
      # spaces are removed.
      # NOTE(review): distinct names can normalise to the same value (they
      # differ only in separators, in first-letter casing, or only beyond the
      # truncation point). Azure expects reference ids to be unique within a
      # set, and the suffixed parameter names below reuse this value, so
      # confirm callers cannot supply colliding names.
      ref_id = replace(substr(title(replace(d.name, "/-|_|\\s/", " ")), 0, 64), "/\\s/", "")

      # NOTE(review): try() turns a null or undecodable d.parameters into {},
      # so that member is attached with parameter_values = null instead of
      # failing the plan. None of its parameters (including any effect) is
      # then wired to an initiative parameter; validate the input upstream if
      # a silently unparameterised member is not acceptable.
      parameters = try(jsondecode(d.parameters), {})

      # This module assigns no policy definition groups.
      groups = []
    }]

    content {
      policy_definition_id = member.value.id
      reference_id         = member.value.ref_id
      policy_group_names   = member.value.groups

      # Every member parameter is bound to an initiative parameter through an
      # ARM "[parameters('...')]" expression. The name is "<param>_<ref_id>"
      # when the parameter is "effect" and var.merge_effects is false, or when
      # var.merge_parameters is false; otherwise it is the bare "<param>".
      # With the bare form all members share one initiative parameter, so a
      # single assigned value (for example one "effect") applies to every
      # member that declares it.
      # NOTE(review): var.merge_effects only has an influence while
      # var.merge_parameters is not false; with merge_parameters == false the
      # effect name is suffixed regardless of merge_effects.
      parameter_values = length(member.value.parameters) > 0 ? jsonencode({
        for k in keys(member.value.parameters) :
        k => {
          value = (
            (k == "effect" && var.merge_effects == false) || var.merge_parameters == false
            ? "[parameters('${format("%s_%s", k, member.value.ref_id)}')]"
            : "[parameters('${k}')]"
          )
        }
      }) : null
    }
  }

  timeouts {
    read = "10m"
  }
}