New-AzPolicySetDefinition ignores policyDefinitionReferenceId value passed to PolicyDefinition #26003

Closed
mortenlerudjordet opened this issue Sep 3, 2024 · 4 comments
Labels: bug, customer-reported, Policy, Service Attention

@mortenlerudjordet
Description

Using New-AzPolicySetDefinition, policyDefinitionReferenceId is not populated if passed as JSON into PolicyDefinition.

  "PolicyDefinition": [
    {
      "policyDefinitionId": "/providers/Microsoft.Management/managementGroups/MyMGMT/providers/Microsoft.Authorization/policyDefinitions/Deny-RDP-From-Internet",
      "definitionVersion": "1.*.*",
      "parameters": {
        "effect": {
          "value": "[parameters('RDPAccessEffect')]"
        }
      },
      "policyDefinitionReferenceId": "RDPAccessEffect"
    }, ...
]

$params = @{
	Name                = $PSItem.Name
	DisplayName         = "$($PSItem.DisplayName) v$($PSItem.Version)"
	Description         = $PSItem.Description
	Metadata            = ($PSItem.Metadata | ConvertTo-Json -Depth 50)
	Parameter           = ($PSItem.Parameter | ConvertTo-Json -Depth 50)
	PolicyDefinition    = ($PSItem.PolicyDefinition | ConvertTo-Json -Depth 50)
	ManagementGroupName = $PSItem.ManagementGroupId
}
$null = New-AzPolicySetDefinition @params -ErrorVariable oErr

In the deployed set definition the policyDefinitionReferenceId is not what was passed in but a randomly generated number.

Issue script & Debug output

Not relevant

Environment data

Name                           Value
----                           -----
PSVersion                      7.4.5
PSEdition                      Core
GitCommitId                    7.4.5
OS                             Microsoft Windows 10.0.22635
Platform                       Win32NT
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

Module versions

Version Name
------- ----
3.0.3   Az.Accounts
7.3.0   Az.Resources

Error output

Not relevant
@isra-fel
Member

Should be fixed by #25518 (shipped in Az.Resources 7.3.0) but reproduced. I'll loop in Policy team

Contributor

Thanks for the feedback! We are routing this to the appropriate team for follow-up. cc @aperezcloud, @kenieva.

@mortenlerudjordet
Author

Did another pass using 7.4.0 of Az.Resources, and here policyDefinitionReferenceId gets the expected value when calling New-AzPolicySetDefinition.

Closing as fixed...
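
A post-deployment check for the behaviour reported in this issue, as an added example that is not part of the issue thread or of the Az module's code: it compares the policyDefinitionReferenceId values that were passed in against the ones read back from the deployed set definition. The function name Compare-PolicyReferenceId and the sample "deployed" reference ID are constructed for illustration; how the deployed entries are read back is left as an assumption in the comments.

```powershell
# Added example, not from the issue or the Az module.
function Compare-PolicyReferenceId {
    param(
        [Parameter(Mandatory)] [object[]] $Intended,  # entries from the source JSON
        [Parameter(Mandatory)] [object[]] $Deployed   # entries read back after deployment
    )
    # Index the deployed reference IDs by policyDefinitionId.
    # The same policy can appear more than once in a set, so keep a list per ID.
    $byId = @{}
    foreach ($d in $Deployed) {
        $key = ([string]$d.policyDefinitionId).ToLowerInvariant()
        if (-not $byId.ContainsKey($key)) {
            $byId[$key] = [System.Collections.Generic.List[string]]::new()
        }
        $byId[$key].Add([string]$d.policyDefinitionReferenceId)
    }
    foreach ($i in $Intended) {
        $key  = ([string]$i.policyDefinitionId).ToLowerInvariant()
        $want = [string]$i.policyDefinitionReferenceId
        if (-not $byId.ContainsKey($key)) {
            $status = 'MissingFromDeployed'; $actual = $null
        } elseif ($byId[$key] -contains $want) {
            $status = 'Match'; $actual = $want
        } else {
            $status = 'ReferenceIdChanged'; $actual = $byId[$key] -join ','
        }
        [pscustomobject]@{
            PolicyDefinitionId = $i.policyDefinitionId
            Expected           = $want
            Actual             = $actual
            Status             = $status
        }
    }
}

# Constructed sample data. The policy ID and intended reference ID are the ones
# shown in the issue; the deployed reference ID is a made-up stand-in for the
# generated number. In real use, $deployed would be the reference entries read
# back from the deployed set (for example via Get-AzPolicySetDefinition; the
# property that holds them depends on the Az.Resources version, an assumption here).
$policyId = '/providers/Microsoft.Management/managementGroups/MyMGMT/providers/Microsoft.Authorization/policyDefinitions/Deny-RDP-From-Internet'
$intended = @([pscustomobject]@{ policyDefinitionId = $policyId; policyDefinitionReferenceId = 'RDPAccessEffect' })
$deployed = @([pscustomobject]@{ policyDefinitionId = $policyId; policyDefinitionReferenceId = '0000000000000000000' })

# Emit only the entries whose reference ID did not survive deployment.
Compare-PolicyReferenceId -Intended $intended -Deployed $deployed |
    Where-Object Status -ne 'Match'
```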
