removed bulkAddTagsToRG policy def

globalbao · Aug 19, 2020 · ef155bb · ef155bb
1 parent 2c5e907
commit ef155bb
Show file tree

Hide file tree

Showing 8 changed files with 0 additions and 179 deletions.
diff --git a/main.tf b/main.tf
@@ -51,7 +51,6 @@ module "policyset_definitions" {
   inheritTagFromRG_policy_id_3           = "${module.policy_definitions.inheritTagFromRG_policy_ids[3]}"
   inheritTagFromRG_policy_id_4           = "${module.policy_definitions.inheritTagFromRG_policy_ids[4]}"
   inheritTagFromRG_policy_id_5           = "${module.policy_definitions.inheritTagFromRG_policy_ids[5]}"
-  bulkAddTagsToRG_policy_id              = "${module.policy_definitions.bulkAddTagsToRG_policy_id}"
   bulkInheritTagsFromRG_policy_id        = "${module.policy_definitions.bulkInheritTagsFromRG_policy_id}"
   auditRoleAssignmentType_user_policy_id = "${module.policy_definitions.auditRoleAssignmentType_user_policy_id}"
   auditLockOnNetworking_policy_id        = "${module.policy_definitions.auditLockOnNetworking_policy_id}"

diff --git a/modules/policy-definitions/README.md b/modules/policy-definitions/README.md
@@ -14,7 +14,6 @@
 |:--------------------------|:-------------------------------|:----------------
 | azurerm_policy_definition | `addTagToRG`                   | 6
 | azurerm_policy_definition | `inheritTagFromRG`             | 6
-| azurerm_policy_definition | `bulkAddTagsToRG`              | 1
 | azurerm_policy_definition | `bulkInheritTagsFromRG`        | 1
 | azurerm_policy_definition | `auditRoleAssignmentType_user` | 1
 | azurerm_policy_definition | `auditLockOnNetworking`        | 1
@@ -33,7 +32,6 @@
 |:-------|:-----------|:----------
 | `addTagToRG_policy_ids` | The policy definition ids for addTagToRG policies | ${azurerm_policy_definition.addTagToRG.*.id}
 | `inheritTagFromRG_policy_ids` | The policy definition ids for inheritTagFromRG policies | ${azurerm_policy_definition.inheritTagFromRG.*.id}
-| `bulkAddTagsToRG_policy_id` | The policy definition ids for inheritTagFromRG policies | ${azurerm_policy_definition.inheritTagFromRG.*.id}
 | `bulkInheritTagsFromRG_policy_id` | The policy definition id for bulkInheritTagsFromRG | ${azurerm_policy_definition.bulkInheritTagsFromRG.id}
 | `auditRoleAssignmentType_user_policy_id` | The policy definition id for auditRoleAssignmentType_user | ${azurerm_policy_definition.auditRoleAssignmentType_user.id}
 | `auditLockOnNetworking_policy_id` | The policy definition id for auditLockOnNetworking | ${azurerm_policy_definition.auditLockOnNetworking.id}
diff --git a/modules/policy-definitions/main.tf b/modules/policy-definitions/main.tf
@@ -137,163 +137,6 @@ PARAMETERS
 
 }
 
-resource "azurerm_policy_definition" "bulkAddTagsToRG" {
-  name         = "bulkAddTagsToRG"
-  policy_type  = "Custom"
-  mode         = "All"
-  display_name = "Bulk add tags to a resource group"
-  description  = "Bulk adds the mandatory tags and tag value when any resource group missing the tags are created or updated. Existing resource groups can be remediated by triggering a remediation task.If the tag exists with a different value it will not be changed."
-
-  metadata = <<METADATA
-    {
-    "category": "${var.policy_definition_category}",
-    "version" : "1.0.0"
-    }
-
-METADATA
-
-
-  policy_rule = <<POLICY_RULE
-    {
-    "if": {
-      "allOf": [
-        {
-          "field": "type",
-          "equals": "Microsoft.Resources/subscriptions/resourceGroups"
-        },
-        {
-          "allOf": [
-            {
-              "field": "[concat('tags[', parameters('tagName1'), ']')]",
-              "exists": "false"
-            },
-            {
-              "field": "[concat('tags[', parameters('tagName3'), ']')]",
-              "exists": "false"
-            },
-            {
-              "field": "[concat('tags[', parameters('tagName4'), ']')]",
-              "exists": "false"
-            },
-            {
-              "field": "[concat('tags[', parameters('tagName5'), ']')]",
-              "exists": "false"
-            },
-            {
-              "field": "[concat('tags[', parameters('tagName6'), ']')]",
-              "exists": "false"
-            }
-          ]
-        }
-      ]
-    },
-    "then": {
-      "effect": "modify",
-      "details": {
-        "roleDefinitionIds": [
-          "/providers/microsoft.authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
-        ],
-        "operations": [
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName1'), ']')]",
-            "value": "[parameters('tagValue')]"
-          },
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName2'), ']')]",
-            "value": "[parameters('tagValue')]"
-          },
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName3'), ']')]",
-            "value": "[parameters('tagValue')]"
-          },
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName4'), ']')]",
-            "value": "[parameters('tagValue')]"
-          },
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName5'), ']')]",
-            "value": "[parameters('tagValue')]"
-          },
-          {
-            "operation": "add",
-            "field": "[concat('tags[', parameters('tagName6'), ']')]",
-            "value": "[parameters('tagValue')]"
-          }
-        ]
-      }
-    }
-  }
-POLICY_RULE
-
-
-  parameters = <<PARAMETERS
-    {
-        "tagName1": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[0]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[0]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[0]}"
-        },
-        "tagName2": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[1]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[1]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[1]}"
-        },
-        "tagName3": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[2]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[2]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[2]}"
-        },
-        "tagName4": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[3]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[3]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[3]}"
-        },
-        "tagName5": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[4]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[4]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[4]}"
-        },
-        "tagName6": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Mandatory Tag ${var.mandatory_tag_keys[5]}",
-            "description": "Name of the tag, such as '${var.mandatory_tag_keys[5]}'"
-          },
-          "defaultValue": "${var.mandatory_tag_keys[5]}"
-        },
-        "tagValue": {
-          "type": "String",
-          "metadata": {
-            "displayName": "Tag Value ${var.mandatory_tag_value}",
-            "description": "Value of the tag, such as '${var.mandatory_tag_value}'"
-          },
-          "defaultValue": "${var.mandatory_tag_value}"
-        }
-  }
-PARAMETERS
-
-}
-
 resource "azurerm_policy_definition" "bulkInheritTagsFromRG" {
   name         = "bulkInheritTagsFromRG"
   policy_type  = "Custom"

diff --git a/modules/policy-definitions/outputs.tf b/modules/policy-definitions/outputs.tf
@@ -8,11 +8,6 @@ output "inheritTagFromRG_policy_ids" {
   description = "The policy definition ids for inheritTagFromRG policies"
 }
 
-output "bulkAddTagsToRG_policy_id" {
-  value       = "${azurerm_policy_definition.bulkAddTagsToRG.id}"
-  description = "The policy definition id for bulkAddTagsToRG"
-}
-
 output "bulkInheritTagsFromRG_policy_id" {
   value       = "${azurerm_policy_definition.bulkInheritTagsFromRG.id}"
   description = "The policy definition id for bulkInheritTagsFromRG"

diff --git a/modules/policyset-definitions/README.md b/modules/policyset-definitions/README.md
@@ -34,7 +34,6 @@
 | `inheritTagFromRG_policy_id_3` | The policy definition id '3' from the 'inheritTagFromRG_policy_ids' output | `string` | null
 | `inheritTagFromRG_policy_id_4` | The policy definition id '4' from the 'inheritTagFromRG_policy_ids' output | `string` | null
 | `inheritTagFromRG_policy_id_5` | The policy definition id '5' from the 'inheritTagFromRG_policy_ids' output | `string` | null
-| `bulkAddTagsToRG_policy_id` | The policy definition id for bulkAddTagsToRG | `string` | null
 | `bulkInheritTagsFromRG_policy_id` | The policy definition id for bulkInheritTagsFromRG | `string` | null
 | `auditRoleAssignmentType_user_policy_id` | The policy definition id for auditRoleAssignmentType_user | `string` | null
 | `auditLockOnNetworking_policy_id` | The policy definition id for auditLockOnNetworking | `string` | null

diff --git a/modules/policyset-definitions/main.tf b/modules/policyset-definitions/main.tf
@@ -32,9 +32,6 @@ METADATA
         {
             "policyDefinitionId": "${var.addTagToRG_policy_id_5}"
         },
-        {
-            "policyDefinitionId": "${var.bulkAddTagsToRG_policy_id}"
-        },
         {
             "policyDefinitionId": "${var.bulkInheritTagsFromRG_policy_id}"
         },

diff --git a/modules/policyset-definitions/variables.tf b/modules/policyset-definitions/variables.tf
@@ -64,11 +64,6 @@ variable "inheritTagFromRG_policy_id_5" {
   description = "The policy definition id '5' from the 'inheritTagFromRG_policy_ids' output"
 }
 
-variable "bulkAddTagsToRG_policy_id" {
-  type        = string
-  description = "The policy definition id for bulkAddTagsToRG"
-}
-
 variable "bulkInheritTagsFromRG_policy_id" {
   type        = string
   description = "The policy definition id for bulkInheritTagsFromRG"

diff --git a/outputs.tf b/outputs.tf
@@ -8,11 +8,6 @@ output "inheritTagFromRG_policy_ids" {
   description = "The policy definition ids for inheritTagFromRG policies"
 }
 
-output "bulkAddTagsToRG_policy_id" {
-  value       = "${module.policy_definitions.bulkAddTagsToRG_policy_id}"
-  description = "The policy definition id for bulkAddTagsToRG"
-}
-
 output "bulkInheritTagsFromRG_policy_id" {
   value       = "${module.policy_definitions.bulkInheritTagsFromRG_policy_id}"
   description = "The policy definition id for bulkInheritTagsFromRG"
-Original file line number
+Diff line change
@@ Expand Up / @@ -32,9 +32,6 @@ METADATA @@
             {
                 "policyDefinitionId": "${var.addTagToRG_policy_id_5}"
             },
-            {
-                "policyDefinitionId": "${var.bulkAddTagsToRG_policy_id}"
-            },
             {
                 "policyDefinitionId": "${var.bulkInheritTagsFromRG_policy_id}"
             },
@@ Expand Down @@