Closed jpinsolle-bc closed 2 years ago
Hi @jpinsolle-betclic... thank you for raising this question.
Why does root_id is limited to 10 characters?
In short, the 10 character limit is due to the way we use this as a prefix for many of the other resources created by this module, allowing us to ensure we do not exceed the name length limits which vary by resource type.
We recommend using the display name for more descriptive and "human friendly" names within the management group hierarchy, as this isn't used for any other resources.
I also tried to not specify root_id parameter, I get another error because policy_definition_id computed value for policy assignment contains the default value "es" which doesn't match with any of my management groups.
The root_id
is also a crucial part of how the module uses the calculated names of resources to convert the input templates into a valid list of resources to deploy. As such, it's required (when building a custom hierarchy as you are doing) that this value matches the id
assigned to your root management group or you will get the error you've already observed.
It's probably also worth noting that all of our built-in templates work on the expectation that Policy Definitions and Initiatives are declared at the root management group scope, as this is our recommended approach.
I hope this explanation helps? I am going to close this issue as we have no plans to increase this limit further.
Community Note
Versions
terraform: 1.1.7 azure provider: 2.94 module: 1.1.3
Description
Describe the bug
Can't associate custom policy definition to management group when
root_id
length is greater than 10 characters (mycompany-root
in my case).I would like to create the following management group hierarchy:
Terraform error
Why does root_id is limited to 10 characters? This limitation restricts the naming of the management group which receives the caf-enterprise-scale framework. caf-enterprise-scale will not be applied at the root level, that's why the root_id need to be greater than 10 characters in my use case.
Steps to Reproduce
Step 1: Terraform configuration archetype_definition_lz_bug_root.json
archetype_definition_lz_bug_child.json
Terraform result
Additional context I also tried to not specify
root_id
parameter, I get another error becausepolicy_definition_id
computed value for policy assignment contains the default value "es" which doesn't match with any of my management groups.Terraform plan
Terraform error
The default value for
root_id
ises