[Azure Policies] Support for Non-compliance messages #67

Closed
evrimsenturk opened this issue Apr 2, 2021 · 8 comments · Fixed by #601
Labels
enhancement New feature or request PR-merged

Comments

evrimsenturk commented Apr 2, 2021

Requested feature

Incorporation of non-compliance messages in CAF Enterprise Scale Framework

Documentation

https://docs.microsoft.com/en-gb/azure/governance/policy/concepts/assignment-structure#non-compliance-messages

Example

In the policy assignment, please note the nonComplianceMessages attribute:

```json
{
    "properties": {
        "displayName": "Enforce resource naming rules",
        "description": "Force resource names to begin with DeptA and end with -LC",
        "metadata": {
            "assignedBy": "Cloud Center of Excellence"
        },
        "enforcementMode": "DoNotEnforce",
        "notScopes": [],
        "policyDefinitionId": "/subscriptions/{mySubscriptionID}/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming",
        "nonComplianceMessages": [
            {
                "message": "Resource names must start with 'DeptA' and end with '-LC'."
            }
        ],
        "parameters": {
            "prefix": {
                "value": "DeptA"
            },
            "suffix": {
                "value": "-LC"
            }
        }
    }
}
```

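
An added example, not part of the original issue or the module's code: a Python check that could run in CI over policy assignment JSON to confirm each assignment carries well-formed `nonComplianceMessages`. The optional `policyDefinitionReferenceId` key comes from the linked Azure Policy documentation; the function name, the duplicate and unexpected-key checks (lint choices of this example), and the sample inputs are assumptions.

```python
import json

ALLOWED_KEYS = {"message", "policyDefinitionReferenceId"}

def lint_non_compliance_messages(assignment):
    """Return findings for properties.nonComplianceMessages (empty list = OK)."""
    props = assignment.get("properties", {})
    name = props.get("displayName", "<unnamed assignment>")
    entries = props.get("nonComplianceMessages")
    if not isinstance(entries, list) or not entries:
        return [f"{name}: nonComplianceMessages is missing or empty"]
    findings, seen_refs, has_default = [], set(), False
    for i, entry in enumerate(entries):
        if not isinstance(entry, dict):
            findings.append(f"{name}: entry {i} is not an object")
            continue
        text = entry.get("message")
        if not isinstance(text, str) or not text.strip():
            findings.append(f"{name}: entry {i} has no usable 'message'")
        extra = sorted(set(entry) - ALLOWED_KEYS)
        if extra:
            findings.append(f"{name}: entry {i} has unexpected keys {extra}")
        ref = entry.get("policyDefinitionReferenceId")
        if ref is None:
            # No reference id: this entry is the assignment-wide default message.
            if has_default:
                findings.append(f"{name}: entry {i} is a second default message")
            has_default = True
        elif ref in seen_refs:
            findings.append(f"{name}: entry {i} repeats reference id {ref!r}")
        else:
            seen_refs.add(ref)
    return findings

# Constructed inputs: GOOD is trimmed from the assignment in the issue,
# BAD is a made-up initiative-style assignment with a defect in every entry.
GOOD = json.loads("""{"properties": {"displayName": "Enforce resource naming rules",
  "nonComplianceMessages": [
    {"message": "Resource names must start with 'DeptA' and end with '-LC'."}]}}""")
BAD = {"properties": {"displayName": "Constructed initiative", "nonComplianceMessages": [
    {"message": "  ", "policyDefinitionReferenceId": "ref-a"},
    {"message": "Tag is required.", "policyDefinitionReferenceId": "ref-a"},
    {"mesage": "typo in key"},
]}}

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        for finding in lint_non_compliance_messages(sample) or ["OK"]:
            print(finding)
```
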
@jtracey93
Collaborator

Hey @evrimsenturk,

I believe this will require the azurerm provider to support the new property on policy assignments before this could be added to this module. However I agree it's a great thing to have added, when we can 👍

I have already opened an issue on the azurerm provider repo: hashicorp/terraform-provider-azurerm#10697

Please feel free to add a +1 to the issue above so it can be prioritised 👍

Thanks 😀

@evrimsenturk
Author

Hello @jtracey93

Thanks for the quick feedback, I have added +1 on the issue #10697

Cheers

@krowlandson krowlandson self-assigned this Apr 7, 2021
@krowlandson krowlandson added the enhancement New feature or request label Apr 7, 2021
@krowlandson
Contributor

Thank you for your request @evrimsenturk ... as @jtracey93 says, we are dependent on the AzureRM provider before we can add this capability. This will also need to be aligned to a major release as it will re-baseline backward compatibility for older provider versions.

I've added this to our backlog and we'll look to add this once available.

@krowlandson
Contributor

Tagging hashicorp/terraform-provider-azurerm/issues/10401 as this is now the active issue for this feature request on the provider.

@matt-FFFFFF
Member

See upstream PR:

@krowlandson krowlandson added this to the v2.0.0 release milestone Dec 27, 2021
@krowlandson
Contributor

Now unblocked with release v2.90.0 of the Azure provider, but adding to v2.0.0 release milestone until we determine whether this will require a breaking change on templates.

@jtracey93
Collaborator

I agree @krowlandson we could do this upstream so all implementations benefit 👍
@matt-FFFFFF agree?

@jtracey93
Collaborator

Trigger ADO Sync

@krowlandson krowlandson modified the milestones: v3.0.0, v3.1.0 Nov 28, 2022
@krowlandson krowlandson modified the milestones: v3.1.0, v3.2.0 Dec 21, 2022
@ghost ghost added the PR-referenced label Feb 6, 2023
@ghost ghost added PR-merged and removed PR-referenced labels Feb 15, 2023
@ghost ghost locked as resolved and limited conversation to collaborators Mar 17, 2023
4 participants