Bug Report Management policy name conflicts with built-in initiative policy (?)

[dekoningandre]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions

terraform:

azure provider:

module:

Description

Describe the bug

When deploying core management groups and policy definitions, I get error:

Error: A resource with the ID "/providers/Microsoft.Management/managementGroups/root_mg_xxx/providers/Microsoft.Authorization/policyDefinitions/Deploy-Nsg-FlowLogs" already exists - to be managed via Terraform this resource needs to be imported into the State. Please see the resource documentation for "azurerm_policy_definition" for more information. │ │ with module.enterprise_scale.azurerm_policy_definition.enterprise_scale["/providers/Microsoft.Management/managementGroups/root_mg_xxx/providers/Microsoft.Authorization/policyDefinitions/Deploy-Nsg-FlowLogs"], │ on .terraform\modules\enterprise_scale\resources.policy_definitions.tf line 1, in resource "azurerm_policy_definition" "enterprise_scale": │ 1: resource "azurerm_policy_definition" "enterprise_scale" {

... When searching for this Policy, the only one I can find that defines flow logs for NSG's is a Microsoft "built-in" initiative, which cannot be deleted. Should I be importing pre--existing Microsoft initiative policies into the statefile?

Steps to Reproduce

Standard deployment of core management groups and policies.

Screenshots

Additional context

[dekoningandre]

sorry. PEBKAC error. No bug here.