Azure / enterprise-azure-policy-as-code

Enterprise-ready Azure Policy-as-Code (PaC) solution (includes Az DevOps pipeline)
https://azure.github.io/enterprise-azure-policy-as-code/
MIT License

Policy definition attributes with null values get stripped away during deployment #619

Closed mothinthemachine closed 3 months ago

mothinthemachine commented 4 months ago

Describe the bug

EPAC strips away null values in policy definition attributes during deployment, even though the null values are present in the generated plan.

To Reproduce

Create a custom policy definition from the built-in policy:

/providers/Microsoft.Authorization/policyDefinitions/ffb6f416-7bd2-4488-8828-56585fef2be9

Deploy this new custom policy to Azure.

When checking the custom policy from Azure, attributes with null values are stripped away from the policy definition.

For example:

The "ruleSetsMap" in the original built-in policy definition contains two attributes with null values:

"Overall secure score": null,
"Overall secure score - snapshot": null,

In the custom policy definition deployed by EPAC, these two are missing.

Expected behavior

Attributes with null values should not be stripped away when deployed to Azure via EPAC.

EPAC Version

10.2.1

anwather commented 3 months ago

@techlake - This is caused by the call to Remove-NullFields in Set-AzPolicyDefinitionRestMethod. Is there any need to have this in here? When I deploy the same policy just using PowerShell those null fields are created in the portal ok?

Removed the call and the policy deploys as expected.

anwather commented 3 months ago

PR in development
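A drift check for the behaviour reported in this issue, as an added example that is not part of the thread or of EPAC's code: it compares the definition in the plan with what was deployed and lists every null-valued key that went missing. The function name `Find-DroppedNullKey` and both JSON fragments are assumptions constructed for illustration (only the two "Overall secure score" keys come from the report), and `ConvertFrom-Json -AsHashtable` requires PowerShell 6 or later.

```powershell
# Added example, not EPAC code. Find-DroppedNullKey is a hypothetical helper.
function Find-DroppedNullKey {
    param(
        [System.Collections.IDictionary] $Expected,  # definition as written in the plan
        [System.Collections.IDictionary] $Deployed,  # definition read back after deployment
        [string] $Path = ''
    )
    foreach ($entry in $Expected.GetEnumerator()) {
        $childPath = '{0}/{1}' -f $Path, $entry.Key
        if (-not $Deployed.Contains($entry.Key)) {
            # Report only keys whose expected value was an explicit null;
            # other missing keys are a different kind of drift.
            if ($null -eq $entry.Value) { $childPath }
            continue
        }
        $deployedValue = $Deployed[$entry.Key]
        # Recurse into nested objects; arrays are not walked in this example.
        if ($entry.Value -is [System.Collections.IDictionary] -and
            $deployedValue -is [System.Collections.IDictionary]) {
            Find-DroppedNullKey -Expected $entry.Value -Deployed $deployedValue -Path $childPath
        }
    }
}

# Constructed fragment standing in for the definition in the generated plan.
$planJson = @'
{
  "ruleSetsMap": {
    "Overall secure score": null,
    "Overall secure score - snapshot": null,
    "Constructed rule set": "placeholder"
  }
}
'@

# Constructed fragment standing in for the definition read back from Azure.
$deployedJson = @'
{
  "ruleSetsMap": {
    "Constructed rule set": "placeholder"
  }
}
'@

$plan     = $planJson     | ConvertFrom-Json -AsHashtable
$deployed = $deployedJson | ConvertFrom-Json -AsHashtable

# Emits one path per null-valued key that is absent from the deployed copy.
Find-DroppedNullKey -Expected $plan -Deployed $deployed
```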