Azure / terraform-azurerm-avm-ptn-alz

Terraform module to deploy Azure Landing Zones
https://registry.terraform.io/modules/Azure/avm-ptn-alz/azurerm
MIT License

Feature Request: Toggle assignments of ALZ policies. True to deploy, otherwise false. #122

Closed VeronicaSea closed 1 month ago

VeronicaSea commented 2 months ago

Is there an existing issue for this?

Infrastructure as Code Type? (Required)

terraform

Use Case (Required)

Sometimes customers only want to deploy the management groups without assignments of ALZ default policies. After the management groups are created, they will deploy assignments of their custom policies, not assignments of ALZ default policies.

Proposed Solution (Required)

Add a parameter to toggle the assignments of ALZ policies to the below module. True to deploy, otherwise false.

    module "slz_management_groups" {
      source             = "Azure/avm-ptn-alz/azurerm"
      version            = "~> 0.8.0"
      parent_resource_id = local.root_parent_management_group_id
      architecture_name  = local.architecture_definition_name
      location           = var.default_location
      enable_telemetry   = false
      # Whether to deploy the assignments of ALZ default policies.
      # If it is set to true, the assignments of ALZ policies will be deployed, otherwise will not be deployed.
      enable_policies    = false
    }

Important Factoids (Optional)

No response

References (Optional)

No response

jaredfholgate commented 1 month ago

I believe this was supposed to be raised on the https://github.com/Azure/terraform-azurerm-avm-ptn-alz repo. I will move it over there.

matt-FFFFFF commented 1 month ago

Hi @VeronicaSea

Are you saying that you would like to keep the ALZ policy (set) definitions but not create the assignments? Or are you saying that you do not want the definitions either?

Either way this can be achieved by creating your own archetype, based off the ALZ one. You just have to remove the assignments.

WDYT?

matt-FFFFFF commented 1 month ago

RR

VeronicaSea commented 1 month ago

Thanks @jaredfholgate and @matt-FFFFFF. It was resolved and we can close this now.