New Resource: azurerm_policy_set_definition

[olohmann]

This PR adds support for a new resource: Policy Set Definitions (aka Policy Initiatives).

Addresses issue #2193

Test Results:

> $ make testacc TESTARGS='-run=TestAccAzureRMPolicySetDefinition'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test $(go list ./... |grep -v 'vendor') -v -run=TestAccAzureRMPolicySetDefinition -timeout 180m -ldflags="-X=github.com/terraform-providers/terraform-provider-azurerm/version.ProviderVersion=acc"
?   	github.com/terraform-providers/terraform-provider-azurerm	[no test files]
=== RUN   TestAccAzureRMPolicySetDefinition_basic
=== PAUSE TestAccAzureRMPolicySetDefinition_basic
=== CONT  TestAccAzureRMPolicySetDefinition_basic
--- PASS: TestAccAzureRMPolicySetDefinition_basic (113.77s)

(fixed #2193)

[katbyte]

Hi @olohmann,

Thank you for the new resource! Aside from a few (mostly minor) comments i've left inline this is looking pretty good. Once those issues have been addressed look forward to getting this merged for you 🙂

[olohmann]

@katbyte - thanks so much for that quick and helpful review!

Applied requested changes and ran acceptance tests again.

> $ make testacc TESTARGS='-run=TestAccAzureRMPolicySetDefinition'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test $(go list ./... |grep -v 'vendor') -v -run=TestAccAzureRMPolicySetDefinition -timeout 180m -ldflags="-X=github.com/terraform-providers/terraform-provider-azurerm/version.ProviderVersion=acc"
?   	github.com/terraform-providers/terraform-provider-azurerm	[no test files]
=== RUN   TestAccAzureRMPolicySetDefinition_basic
=== PAUSE TestAccAzureRMPolicySetDefinition_basic
=== CONT  TestAccAzureRMPolicySetDefinition_basic
--- PASS: TestAccAzureRMPolicySetDefinition_basic (111.78s)

[tombuildsstuff]

hey @olohmann

Thanks for pushing those changes - I've taken a look through and left some minor comments in line but this is otherwise looking good; if we can fix those up (and add an extra test case) we should be able to get this merged 👍

Thanks!

[olohmann]

@tombuildsstuff - cheers for the review! Added requested changes.

Acceptance test results:

> $ make testacc TESTARGS='-run=TestAccAzureRMPolicySetDefinition'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test $(go list ./... |grep -v 'vendor') -v -run=TestAccAzureRMPolicySetDefinition -timeout 180m -ldflags="-X=github.com/terraform-providers/terraform-provider-azurerm/version.ProviderVersion=acc"
?   	github.com/terraform-providers/terraform-provider-azurerm	[no test files]
=== RUN   TestAccAzureRMPolicySetDefinition_built_in_policy
=== PAUSE TestAccAzureRMPolicySetDefinition_built_in_policy
=== RUN   TestAccAzureRMPolicySetDefinition_custom_policy
=== PAUSE TestAccAzureRMPolicySetDefinition_custom_policy
=== CONT  TestAccAzureRMPolicySetDefinition_built_in_policy
=== CONT  TestAccAzureRMPolicySetDefinition_custom_policy
--- PASS: TestAccAzureRMPolicySetDefinition_built_in_policy (111.13s)
--- PASS: TestAccAzureRMPolicySetDefinition_custom_policy (202.65s)

[tombuildsstuff]

hey @olohmann

Thanks for pushing those changes - aside from a few minor comments (which I'll push a commit to fix) this otherwise LGTM 👍

Thanks!

[tombuildsstuff]

Suggested change

	func TestAccAzureRMPolicySetDefinition_built_in_policy(t *testing.T) {
	func TestAccAzureRMPolicySetDefinition_builtIn(t *testing.T) {

[tombuildsstuff]

Suggested change

	func TestAccAzureRMPolicySetDefinition_custom_policy(t *testing.T) {
	func TestAccAzureRMPolicySetDefinition_custom(t *testing.T) {

[tombuildsstuff]

Suggested change

	Config: testAzureRMPolicySetDefinition_built_in_policy(ri),
	Config: testAzureRMPolicySetDefinition_builtIn(ri),

[tombuildsstuff]

Suggested change

	Config: testAzureRMPolicySetDefinition_custom_policy(ri),
	Config: testAzureRMPolicySetDefinition_custom(ri),

[tombuildsstuff]

Suggested change

	func testAzureRMPolicySetDefinition_built_in_policy(ri int) string {
	func testAzureRMPolicySetDefinition_builtIn(ri int) string {

[tombuildsstuff]

Suggested change

	func testAzureRMPolicySetDefinition_custom_policy(ri int) string {
	func testAzureRMPolicySetDefinition_custom(ri int) string {

[tombuildsstuff]

I think we should remove NotSpecified here

Suggested change

string(policy.TypeNotSpecified),

[tombuildsstuff]

since this is returned as an Enum rather than a string, it's best to cast this to a string explicitly here:

Suggested change

	d.Set("policy_type", props.PolicyType)
	d.Set("policy_type", string(props.PolicyType))

[tombuildsstuff]

We tend to phrase this as:

Suggested change

	* `policy_type` - (Required) The policy set type. The value can be `BuiltIn`, `Custom` or `NotSpecified`
	* `policy_type` - (Required) The policy set type. Possible values are `BuiltIn` or `Custom`. Changing this forces a new resource to be created.

(note I've removed NotSpecified since I don't believe we need to support it)

changes have been pushed

[tombuildsstuff]

Tests pass:

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!