Closed matt-FFFFFF closed 2 years ago
Will fix in next release
Thanks!
This is rolling out now and will be visible in all regions tomorrow morning (US Pacific time)
Hi @pilor
I can see the change here in the GitHub repo, but in my tenant the incorrect type remains (string not bool)
Is there anything I need to do to get this fixed?
Interestingly this is the same on another policy:
az rest --method GET --url /providers/Microsoft.Authorization/policyDefinitions/0db34a60-64f4-4bf6-bd44-f95c16cf34b9?api-version=2021-06-01 | jq .properties.parameters.storageId
{
"metadata": {
"assignPermissions": "true",
"description": "A string with the storage id for the flowlogs to be sent to. It will be used for deployment purposes only. Make sure this storage account is located in the same region as the NSG. The format must be: '/subscriptions/{subscription id}/resourceGroups/{resourceGroup name}/providers/Microsoft.Storage/storageAccounts/{storage account name}",
"displayName": "Storage id"
},
"type": "String"
}
@matt-FFFFFF this was fixed in all policies that had this issue. It became effective a few hours after your previous comment
Ahh, thanks. I was waiting and thought there was a deployment issue based on your initial reply. It's working now thank you
I found an issue here, where the
assignPermissions
metadata property on a policy parameter is set to a string, not a bool. This has caused me an issue trying to read this policy using the Azure SDK for Go.https://github.com/Azure/azure-policy/blob/3e8d7c293826173171066b1ed1c1b0be5d236b2f/built-in-policies/policyDefinitions/Network/NetworkSecurityGroup_FlowLog_TrafficAnalytics_Deploy.json#L34-L38