diff --git a/azurerm/config.go b/azurerm/config.go index eaf69aecdae8..8ea2bafbd5ac 100644 --- a/azurerm/config.go +++ b/azurerm/config.go @@ -35,6 +35,7 @@ import ( "github.com/Azure/azure-sdk-for-go/services/redis/mgmt/2016-04-01/redis" "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-06-01/subscriptions" "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-09-01/locks" + "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy" "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2017-05-10/resources" "github.com/Azure/azure-sdk-for-go/services/scheduler/mgmt/2016-03-01/scheduler" "github.com/Azure/azure-sdk-for-go/services/search/mgmt/2015-08-19/search" @@ -193,6 +194,9 @@ type ArmClient struct { // Web appServicePlansClient web.AppServicePlansClient appServicesClient web.AppsClient + + // Policy + policyDefinitionsClient policy.DefinitionsClient } func (c *ArmClient) configureClient(client *autorest.Client, auth autorest.Authorizer) { @@ -372,6 +376,7 @@ func getArmClient(c *authentication.Config) (*ArmClient, error) { client.registerStorageClients(endpoint, c.SubscriptionID, auth) client.registerTrafficManagerClients(endpoint, c.SubscriptionID, auth) client.registerWebClients(endpoint, c.SubscriptionID, auth) + client.registerPolicyClients(endpoint, c.SubscriptionID, auth) return &client, nil } @@ -864,6 +869,12 @@ func (c *ArmClient) registerWebClients(endpoint, subscriptionId string, auth aut c.appServicesClient = appsClient } +func (c *ArmClient) registerPolicyClients(endpoint, subscriptionId string, auth autorest.Authorizer) { + policyDefinitionsClient := policy.NewDefinitionsClientWithBaseURI(endpoint, subscriptionId) + c.configureClient(&policyDefinitionsClient.Client, auth) + c.policyDefinitionsClient = policyDefinitionsClient +} + var ( storageKeyCacheMu sync.RWMutex storageKeyCache = make(map[string]string) diff --git a/azurerm/import_arm_policy_definition_test.go b/azurerm/import_arm_policy_definition_test.go new file mode 100644 index 000000000000..347b20f3d649 --- /dev/null +++ b/azurerm/import_arm_policy_definition_test.go @@ -0,0 +1,29 @@ +package azurerm + +import ( + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" +) + +func TestAccAzureRMPolicyDefinition_importBasic(t *testing.T) { + rInt := acctest.RandInt() + resourceName := "azurerm_policy_definition.test" + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMPolicyDefinitionDestroy, + Steps: []resource.TestStep{ + { + Config: testAzureRMPolicyDefinition_basic(rInt), + }, + { + ResourceName: resourceName, + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} diff --git a/azurerm/provider.go b/azurerm/provider.go index 0330b7b0a76e..c00fc1998045 100644 --- a/azurerm/provider.go +++ b/azurerm/provider.go @@ -166,6 +166,7 @@ func Provider() terraform.ResourceProvider { "azurerm_network_security_group": resourceArmNetworkSecurityGroup(), "azurerm_network_security_rule": resourceArmNetworkSecurityRule(), "azurerm_network_watcher": resourceArmNetworkWatcher(), + "azurerm_policy_definition": resourceArmPolicyDefinition(), "azurerm_postgresql_configuration": resourceArmPostgreSQLConfiguration(), "azurerm_postgresql_database": resourceArmPostgreSQLDatabase(), "azurerm_postgresql_firewall_rule": resourceArmPostgreSQLFirewallRule(), diff --git a/azurerm/resource_arm_policy_definition.go b/azurerm/resource_arm_policy_definition.go new file mode 100644 index 000000000000..bb8dccd1397a --- /dev/null +++ b/azurerm/resource_arm_policy_definition.go @@ -0,0 +1,241 @@ +package azurerm + +import ( + "fmt" + "log" + "strings" + + "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy" + "github.com/hashicorp/terraform/helper/schema" + "github.com/hashicorp/terraform/helper/structure" + "github.com/hashicorp/terraform/helper/validation" + "github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils" +) + +func resourceArmPolicyDefinition() *schema.Resource { + return &schema.Resource{ + Create: resourceArmPolicyDefinitionCreateUpdate, + Update: resourceArmPolicyDefinitionCreateUpdate, + Read: resourceArmPolicyDefinitionRead, + Delete: resourceArmPolicyDefinitionDelete, + Importer: &schema.ResourceImporter{ + State: schema.ImportStatePassthrough, + }, + + Schema: map[string]*schema.Schema{ + "name": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + }, + + "policy_type": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + string(policy.TypeBuiltIn), + string(policy.TypeCustom), + string(policy.TypeNotSpecified), + }, true)}, + + "mode": { + Type: schema.TypeString, + Required: true, + ForceNew: true, + ValidateFunc: validation.StringInSlice([]string{ + string(policy.All), + string(policy.Indexed), + string(policy.NotSpecified), + }, true), + }, + + "display_name": { + Type: schema.TypeString, + Required: true, + }, + + "description": { + Type: schema.TypeString, + Optional: true, + }, + + "policy_rule": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: structure.SuppressJsonDiff, + }, + + "metadata": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: structure.SuppressJsonDiff, + }, + + "parameters": { + Type: schema.TypeString, + Optional: true, + ValidateFunc: validation.ValidateJsonString, + DiffSuppressFunc: structure.SuppressJsonDiff, + }, + }, + } +} + +func resourceArmPolicyDefinitionCreateUpdate(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policyDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name := d.Get("name").(string) + policyType := d.Get("policy_type").(string) + mode := d.Get("mode").(string) + displayName := d.Get("display_name").(string) + description := d.Get("description").(string) + + properties := policy.DefinitionProperties{ + PolicyType: policy.Type(policyType), + Mode: policy.Mode(mode), + DisplayName: utils.String(displayName), + Description: utils.String(description), + } + + if policyRuleString := d.Get("policy_rule").(string); policyRuleString != "" { + policyRule, err := structure.ExpandJsonFromString(policyRuleString) + if err != nil { + return fmt.Errorf("unable to parse policy_rule: %s", err) + } + properties.PolicyRule = &policyRule + } + + if metaDataString := d.Get("metadata").(string); metaDataString != "" { + metaData, err := structure.ExpandJsonFromString(metaDataString) + if err != nil { + return fmt.Errorf("unable to parse metadata: %s", err) + } + properties.Metadata = &metaData + } + + if parametersString := d.Get("parameters").(string); parametersString != "" { + parameters, err := structure.ExpandJsonFromString(parametersString) + if err != nil { + return fmt.Errorf("unable to parse parameters: %s", err) + } + properties.Parameters = ¶meters + } + + definition := policy.Definition{ + Name: utils.String(name), + DefinitionProperties: &properties, + } + + _, err := client.CreateOrUpdate(ctx, name, definition) + if err != nil { + return err + } + + resp, err := client.Get(ctx, name) + if err != nil { + return err + } + + d.SetId(*resp.ID) + + return resourceArmPolicyDefinitionRead(d, meta) +} + +func resourceArmPolicyDefinitionRead(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policyDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name, err := parsePolicyDefinitionNameFromId(d.Id()) + if err != nil { + return err + } + + resp, err := client.Get(ctx, name) + if err != nil { + if utils.ResponseWasNotFound(resp.Response) { + log.Printf("[INFO] Error reading Policy Definition %q - removing from state", d.Id()) + d.SetId("") + return nil + } + + return fmt.Errorf("Error reading Policy Definition %+v", err) + } + + d.Set("name", resp.Name) + + if props := resp.DefinitionProperties; props != nil { + d.Set("policy_type", props.PolicyType) + d.Set("mode", props.Mode) + d.Set("display_name", props.DisplayName) + d.Set("description", props.Description) + + if policyRule := props.PolicyRule; policyRule != nil { + policyRuleStr, err := structure.FlattenJsonToString(*policyRule) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `policy_rule`: %s", err) + } + + d.Set("policy_rule", policyRuleStr) + } + + if metadata := props.Metadata; metadata != nil { + metadataStr, err := structure.FlattenJsonToString(*metadata) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `metadata`: %s", err) + } + + d.Set("metadata", metadataStr) + } + + if parameters := props.Parameters; parameters != nil { + parametersStr, err := structure.FlattenJsonToString(*props.Parameters) + if err != nil { + return fmt.Errorf("unable to flatten JSON for `parameters`: %s", err) + } + + d.Set("parameters", parametersStr) + } + } + + return nil +} + +func resourceArmPolicyDefinitionDelete(d *schema.ResourceData, meta interface{}) error { + client := meta.(*ArmClient).policyDefinitionsClient + ctx := meta.(*ArmClient).StopContext + + name, err := parsePolicyDefinitionNameFromId(d.Id()) + if err != nil { + return err + } + + resp, err := client.Delete(ctx, name) + + if err != nil { + if utils.ResponseWasNotFound(resp) { + return nil + } + + return fmt.Errorf("Error deleting Policy Definition %q: %+v", name, err) + } + + return nil +} + +func parsePolicyDefinitionNameFromId(id string) (string, error) { + components := strings.Split(id, "/") + + if len(components) == 0 { + return "", fmt.Errorf("Azure Policy Definition Id is empty or not formatted correctly: %s", id) + } + + if len(components) != 7 { + return "", fmt.Errorf("Azure Policy Definition Id should have 6 segments, got %d: '%s'", len(components)-1, id) + } + + return components[6], nil +} diff --git a/azurerm/resource_arm_policy_definition_test.go b/azurerm/resource_arm_policy_definition_test.go new file mode 100644 index 000000000000..3e4f970b3977 --- /dev/null +++ b/azurerm/resource_arm_policy_definition_test.go @@ -0,0 +1,118 @@ +package azurerm + +import ( + "fmt" + "net/http" + "testing" + + "github.com/hashicorp/terraform/helper/acctest" + "github.com/hashicorp/terraform/helper/resource" + "github.com/hashicorp/terraform/terraform" +) + +func TestAccAzureRMPolicyDefinition_basic(t *testing.T) { + resourceName := "azurerm_policy_definition.test" + + ri := acctest.RandInt() + + resource.Test(t, resource.TestCase{ + PreCheck: func() { testAccPreCheck(t) }, + Providers: testAccProviders, + CheckDestroy: testCheckAzureRMPolicyDefinitionDestroy, + Steps: []resource.TestStep{ + { + Config: testAzureRMPolicyDefinition_basic(ri), + Check: resource.ComposeTestCheckFunc( + testCheckAzureRMPolicyDefinitionExists(resourceName), + ), + }, + }, + }) +} + +func testCheckAzureRMPolicyDefinitionExists(name string) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[name] + if !ok { + return fmt.Errorf("not found: %s", name) + } + + policyName := rs.Primary.Attributes["name"] + + client := testAccProvider.Meta().(*ArmClient).policyDefinitionsClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + resp, err := client.Get(ctx, policyName) + if err != nil { + return fmt.Errorf("Bad: Get on policyDefinitionsClient: %s", err) + } + + if resp.StatusCode == http.StatusNotFound { + return fmt.Errorf("policy does not exist: %s", name) + } + + return nil + } +} + +func testCheckAzureRMPolicyDefinitionDestroy(s *terraform.State) error { + client := testAccProvider.Meta().(*ArmClient).policyDefinitionsClient + ctx := testAccProvider.Meta().(*ArmClient).StopContext + + for _, rs := range s.RootModule().Resources { + if rs.Type != "azurerm_policy_definition" { + continue + } + + name := rs.Primary.Attributes["name"] + + resp, err := client.Get(ctx, name) + + if err != nil { + return nil + } + + if resp.StatusCode != http.StatusNotFound { + return fmt.Errorf("policy still exists:%s", *resp.Name) + } + } + + return nil +} + +func testAzureRMPolicyDefinition_basic(ri int) string { + return fmt.Sprintf(` +resource "azurerm_policy_definition" "test" { + name = "acctestpol-%d" + policy_type = "Custom" + mode = "All" + display_name = "acctestpol-%d" + policy_rule = < 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyAssignments", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client AssignmentsClient) ListSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client AssignmentsClient) ListResponder(resp *http.Response) (result AssignmentListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client AssignmentsClient) listNextResults(lastResults AssignmentListResult) (result AssignmentListResult, err error) { + req, err := lastResults.assignmentListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client AssignmentsClient) ListComplete(ctx context.Context, filter string) (result AssignmentListResultIterator, err error) { + result.page, err = client.List(ctx, filter) + return +} + +// ListForResource gets policy assignments for a resource. +// +// resourceGroupName is the name of the resource group containing the resource. The name is case insensitive. +// resourceProviderNamespace is the namespace of the resource provider. parentResourcePath is the parent resource path. +// resourceType is the resource type. resourceName is the name of the resource with policy assignments. filter is the +// filter to apply on the operation. +func (client AssignmentsClient) ListForResource(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, filter string) (result AssignmentListResultPage, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil { + return result, validation.NewErrorWithValidationError(err, "policy.AssignmentsClient", "ListForResource") + } + + result.fn = client.listForResourceNextResults + req, err := client.ListForResourcePreparer(ctx, resourceGroupName, resourceProviderNamespace, parentResourcePath, resourceType, resourceName, filter) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResource", nil, "Failure preparing request") + return + } + + resp, err := client.ListForResourceSender(req) + if err != nil { + result.alr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResource", resp, "Failure sending request") + return + } + + result.alr, err = client.ListForResourceResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResource", resp, "Failure responding to request") + } + + return +} + +// ListForResourcePreparer prepares the ListForResource request. +func (client AssignmentsClient) ListForResourcePreparer(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, filter string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "parentResourcePath": parentResourcePath, + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "resourceName": autorest.Encode("path", resourceName), + "resourceProviderNamespace": autorest.Encode("path", resourceProviderNamespace), + "resourceType": resourceType, + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/policyAssignments", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListForResourceSender sends the ListForResource request. The method will close the +// http.Response Body if it receives an error. +func (client AssignmentsClient) ListForResourceSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListForResourceResponder handles the response to the ListForResource request. The method always +// closes the http.Response Body. +func (client AssignmentsClient) ListForResourceResponder(resp *http.Response) (result AssignmentListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listForResourceNextResults retrieves the next set of results, if any. +func (client AssignmentsClient) listForResourceNextResults(lastResults AssignmentListResult) (result AssignmentListResult, err error) { + req, err := lastResults.assignmentListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListForResourceSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceNextResults", resp, "Failure sending next results request") + } + result, err = client.ListForResourceResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListForResourceComplete enumerates all values, automatically crossing page boundaries as required. +func (client AssignmentsClient) ListForResourceComplete(ctx context.Context, resourceGroupName string, resourceProviderNamespace string, parentResourcePath string, resourceType string, resourceName string, filter string) (result AssignmentListResultIterator, err error) { + result.page, err = client.ListForResource(ctx, resourceGroupName, resourceProviderNamespace, parentResourcePath, resourceType, resourceName, filter) + return +} + +// ListForResourceGroup gets policy assignments for the resource group. +// +// resourceGroupName is the name of the resource group that contains policy assignments. filter is the filter to apply +// on the operation. +func (client AssignmentsClient) ListForResourceGroup(ctx context.Context, resourceGroupName string, filter string) (result AssignmentListResultPage, err error) { + if err := validation.Validate([]validation.Validation{ + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil { + return result, validation.NewErrorWithValidationError(err, "policy.AssignmentsClient", "ListForResourceGroup") + } + + result.fn = client.listForResourceGroupNextResults + req, err := client.ListForResourceGroupPreparer(ctx, resourceGroupName, filter) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResourceGroup", nil, "Failure preparing request") + return + } + + resp, err := client.ListForResourceGroupSender(req) + if err != nil { + result.alr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResourceGroup", resp, "Failure sending request") + return + } + + result.alr, err = client.ListForResourceGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForResourceGroup", resp, "Failure responding to request") + } + + return +} + +// ListForResourceGroupPreparer prepares the ListForResourceGroup request. +func (client AssignmentsClient) ListForResourceGroupPreparer(ctx context.Context, resourceGroupName string, filter string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = filter + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/policyAssignments", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListForResourceGroupSender sends the ListForResourceGroup request. The method will close the +// http.Response Body if it receives an error. +func (client AssignmentsClient) ListForResourceGroupSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListForResourceGroupResponder handles the response to the ListForResourceGroup request. The method always +// closes the http.Response Body. +func (client AssignmentsClient) ListForResourceGroupResponder(resp *http.Response) (result AssignmentListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listForResourceGroupNextResults retrieves the next set of results, if any. +func (client AssignmentsClient) listForResourceGroupNextResults(lastResults AssignmentListResult) (result AssignmentListResult, err error) { + req, err := lastResults.assignmentListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceGroupNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListForResourceGroupSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceGroupNextResults", resp, "Failure sending next results request") + } + result, err = client.ListForResourceGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForResourceGroupNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListForResourceGroupComplete enumerates all values, automatically crossing page boundaries as required. +func (client AssignmentsClient) ListForResourceGroupComplete(ctx context.Context, resourceGroupName string, filter string) (result AssignmentListResultIterator, err error) { + result.page, err = client.ListForResourceGroup(ctx, resourceGroupName, filter) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/client.go new file mode 100644 index 000000000000..a89e1b63eead --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/client.go @@ -0,0 +1,51 @@ +// Package policy implements the Azure ARM Policy service API version 2016-12-01. +// +// To manage and control access to your resources, you can define customized policies and assign them at a scope. +package policy + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "github.com/Azure/go-autorest/autorest" +) + +const ( + // DefaultBaseURI is the default URI used for the service Policy + DefaultBaseURI = "https://management.azure.com" +) + +// BaseClient is the base client for Policy. +type BaseClient struct { + autorest.Client + BaseURI string + SubscriptionID string +} + +// New creates an instance of the BaseClient client. +func New(subscriptionID string) BaseClient { + return NewWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewWithBaseURI creates an instance of the BaseClient client. +func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient { + return BaseClient{ + Client: autorest.NewClientWithUserAgent(UserAgent()), + BaseURI: baseURI, + SubscriptionID: subscriptionID, + } +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/definitions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/definitions.go new file mode 100644 index 000000000000..6f362d187996 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/definitions.go @@ -0,0 +1,768 @@ +package policy + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "net/http" +) + +// DefinitionsClient is the to manage and control access to your resources, you can define customized policies and +// assign them at a scope. +type DefinitionsClient struct { + BaseClient +} + +// NewDefinitionsClient creates an instance of the DefinitionsClient client. +func NewDefinitionsClient(subscriptionID string) DefinitionsClient { + return NewDefinitionsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewDefinitionsClientWithBaseURI creates an instance of the DefinitionsClient client. +func NewDefinitionsClientWithBaseURI(baseURI string, subscriptionID string) DefinitionsClient { + return DefinitionsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdate creates or updates a policy definition. +// +// policyDefinitionName is the name of the policy definition to create. parameters is the policy definition properties. +func (client DefinitionsClient) CreateOrUpdate(ctx context.Context, policyDefinitionName string, parameters Definition) (result Definition, err error) { + req, err := client.CreateOrUpdatePreparer(ctx, policyDefinitionName, parameters) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdate", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdate", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdate", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client DefinitionsClient) CreateOrUpdatePreparer(ctx context.Context, policyDefinitionName string, parameters Definition) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsJSON(), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithJSON(parameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) CreateOrUpdateResponder(resp *http.Response) (result Definition, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// CreateOrUpdateAtManagementGroup creates or updates a policy definition at management group level. +// +// policyDefinitionName is the name of the policy definition to create. parameters is the policy definition properties. +// managementGroupID is the ID of the management group. +func (client DefinitionsClient) CreateOrUpdateAtManagementGroup(ctx context.Context, policyDefinitionName string, parameters Definition, managementGroupID string) (result Definition, err error) { + req, err := client.CreateOrUpdateAtManagementGroupPreparer(ctx, policyDefinitionName, parameters, managementGroupID) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdateAtManagementGroup", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateAtManagementGroupSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdateAtManagementGroup", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateAtManagementGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "CreateOrUpdateAtManagementGroup", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdateAtManagementGroupPreparer prepares the CreateOrUpdateAtManagementGroup request. +func (client DefinitionsClient) CreateOrUpdateAtManagementGroupPreparer(ctx context.Context, policyDefinitionName string, parameters Definition, managementGroupID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "managementGroupId": autorest.Encode("path", managementGroupID), + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsJSON(), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithJSON(parameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateAtManagementGroupSender sends the CreateOrUpdateAtManagementGroup request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) CreateOrUpdateAtManagementGroupSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// CreateOrUpdateAtManagementGroupResponder handles the response to the CreateOrUpdateAtManagementGroup request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) CreateOrUpdateAtManagementGroupResponder(resp *http.Response) (result Definition, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete deletes a policy definition. +// +// policyDefinitionName is the name of the policy definition to delete. +func (client DefinitionsClient) Delete(ctx context.Context, policyDefinitionName string) (result autorest.Response, err error) { + req, err := client.DeletePreparer(ctx, policyDefinitionName) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Delete", resp, "Failure responding to request") + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client DefinitionsClient) DeletePreparer(ctx context.Context, policyDefinitionName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) DeleteSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// DeleteAtManagementGroup deletes a policy definition at management group level. +// +// policyDefinitionName is the name of the policy definition to delete. managementGroupID is the ID of the management +// group. +func (client DefinitionsClient) DeleteAtManagementGroup(ctx context.Context, policyDefinitionName string, managementGroupID string) (result autorest.Response, err error) { + req, err := client.DeleteAtManagementGroupPreparer(ctx, policyDefinitionName, managementGroupID) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "DeleteAtManagementGroup", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteAtManagementGroupSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "DeleteAtManagementGroup", resp, "Failure sending request") + return + } + + result, err = client.DeleteAtManagementGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "DeleteAtManagementGroup", resp, "Failure responding to request") + } + + return +} + +// DeleteAtManagementGroupPreparer prepares the DeleteAtManagementGroup request. +func (client DefinitionsClient) DeleteAtManagementGroupPreparer(ctx context.Context, policyDefinitionName string, managementGroupID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "managementGroupId": autorest.Encode("path", managementGroupID), + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteAtManagementGroupSender sends the DeleteAtManagementGroup request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) DeleteAtManagementGroupSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// DeleteAtManagementGroupResponder handles the response to the DeleteAtManagementGroup request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) DeleteAtManagementGroupResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets the policy definition. +// +// policyDefinitionName is the name of the policy definition to get. +func (client DefinitionsClient) Get(ctx context.Context, policyDefinitionName string) (result Definition, err error) { + req, err := client.GetPreparer(ctx, policyDefinitionName) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "Get", resp, "Failure responding to request") + } + + return +} + +// GetPreparer prepares the Get request. +func (client DefinitionsClient) GetPreparer(ctx context.Context, policyDefinitionName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) GetSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) GetResponder(resp *http.Response) (result Definition, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// GetAtManagementGroup gets the policy definition at management group level. +// +// policyDefinitionName is the name of the policy definition to get. managementGroupID is the ID of the management +// group. +func (client DefinitionsClient) GetAtManagementGroup(ctx context.Context, policyDefinitionName string, managementGroupID string) (result Definition, err error) { + req, err := client.GetAtManagementGroupPreparer(ctx, policyDefinitionName, managementGroupID) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetAtManagementGroup", nil, "Failure preparing request") + return + } + + resp, err := client.GetAtManagementGroupSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetAtManagementGroup", resp, "Failure sending request") + return + } + + result, err = client.GetAtManagementGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetAtManagementGroup", resp, "Failure responding to request") + } + + return +} + +// GetAtManagementGroupPreparer prepares the GetAtManagementGroup request. +func (client DefinitionsClient) GetAtManagementGroupPreparer(ctx context.Context, policyDefinitionName string, managementGroupID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "managementGroupId": autorest.Encode("path", managementGroupID), + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetAtManagementGroupSender sends the GetAtManagementGroup request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) GetAtManagementGroupSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// GetAtManagementGroupResponder handles the response to the GetAtManagementGroup request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) GetAtManagementGroupResponder(resp *http.Response) (result Definition, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// GetBuiltIn gets the built in policy definition. +// +// policyDefinitionName is the name of the built in policy definition to get. +func (client DefinitionsClient) GetBuiltIn(ctx context.Context, policyDefinitionName string) (result Definition, err error) { + req, err := client.GetBuiltInPreparer(ctx, policyDefinitionName) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetBuiltIn", nil, "Failure preparing request") + return + } + + resp, err := client.GetBuiltInSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetBuiltIn", resp, "Failure sending request") + return + } + + result, err = client.GetBuiltInResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "GetBuiltIn", resp, "Failure responding to request") + } + + return +} + +// GetBuiltInPreparer prepares the GetBuiltIn request. +func (client DefinitionsClient) GetBuiltInPreparer(ctx context.Context, policyDefinitionName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "policyDefinitionName": autorest.Encode("path", policyDefinitionName), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetBuiltInSender sends the GetBuiltIn request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) GetBuiltInSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// GetBuiltInResponder handles the response to the GetBuiltIn request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) GetBuiltInResponder(resp *http.Response) (result Definition, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all the policy definitions for a subscription. +func (client DefinitionsClient) List(ctx context.Context) (result DefinitionListResultPage, err error) { + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.dlr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "List", resp, "Failure sending request") + return + } + + result.dlr, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. +func (client DefinitionsClient) ListPreparer(ctx context.Context) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) ListSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + azure.DoRetryWithRegistration(client.Client)) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) ListResponder(resp *http.Response) (result DefinitionListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client DefinitionsClient) listNextResults(lastResults DefinitionListResult) (result DefinitionListResult, err error) { + req, err := lastResults.definitionListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client DefinitionsClient) ListComplete(ctx context.Context) (result DefinitionListResultIterator, err error) { + result.page, err = client.List(ctx) + return +} + +// ListBuiltIn gets all the built in policy definitions. +func (client DefinitionsClient) ListBuiltIn(ctx context.Context) (result DefinitionListResultPage, err error) { + result.fn = client.listBuiltInNextResults + req, err := client.ListBuiltInPreparer(ctx) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListBuiltIn", nil, "Failure preparing request") + return + } + + resp, err := client.ListBuiltInSender(req) + if err != nil { + result.dlr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListBuiltIn", resp, "Failure sending request") + return + } + + result.dlr, err = client.ListBuiltInResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListBuiltIn", resp, "Failure responding to request") + } + + return +} + +// ListBuiltInPreparer prepares the ListBuiltIn request. +func (client DefinitionsClient) ListBuiltInPreparer(ctx context.Context) (*http.Request, error) { + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPath("/providers/Microsoft.Authorization/policyDefinitions"), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListBuiltInSender sends the ListBuiltIn request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) ListBuiltInSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// ListBuiltInResponder handles the response to the ListBuiltIn request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) ListBuiltInResponder(resp *http.Response) (result DefinitionListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listBuiltInNextResults retrieves the next set of results, if any. +func (client DefinitionsClient) listBuiltInNextResults(lastResults DefinitionListResult) (result DefinitionListResult, err error) { + req, err := lastResults.definitionListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listBuiltInNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListBuiltInSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listBuiltInNextResults", resp, "Failure sending next results request") + } + result, err = client.ListBuiltInResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listBuiltInNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListBuiltInComplete enumerates all values, automatically crossing page boundaries as required. +func (client DefinitionsClient) ListBuiltInComplete(ctx context.Context) (result DefinitionListResultIterator, err error) { + result.page, err = client.ListBuiltIn(ctx) + return +} + +// ListByManagementGroup gets all the policy definitions for a subscription at management group level. +// +// managementGroupID is the ID of the management group. +func (client DefinitionsClient) ListByManagementGroup(ctx context.Context, managementGroupID string) (result DefinitionListResultPage, err error) { + result.fn = client.listByManagementGroupNextResults + req, err := client.ListByManagementGroupPreparer(ctx, managementGroupID) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListByManagementGroup", nil, "Failure preparing request") + return + } + + resp, err := client.ListByManagementGroupSender(req) + if err != nil { + result.dlr.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListByManagementGroup", resp, "Failure sending request") + return + } + + result.dlr, err = client.ListByManagementGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "ListByManagementGroup", resp, "Failure responding to request") + } + + return +} + +// ListByManagementGroupPreparer prepares the ListByManagementGroup request. +func (client DefinitionsClient) ListByManagementGroupPreparer(ctx context.Context, managementGroupID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "managementGroupId": autorest.Encode("path", managementGroupID), + } + + const APIVersion = "2016-12-01" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListByManagementGroupSender sends the ListByManagementGroup request. The method will close the +// http.Response Body if it receives an error. +func (client DefinitionsClient) ListByManagementGroupSender(req *http.Request) (*http.Response, error) { + return autorest.SendWithSender(client, req, + autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...)) +} + +// ListByManagementGroupResponder handles the response to the ListByManagementGroup request. The method always +// closes the http.Response Body. +func (client DefinitionsClient) ListByManagementGroupResponder(resp *http.Response) (result DefinitionListResult, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listByManagementGroupNextResults retrieves the next set of results, if any. +func (client DefinitionsClient) listByManagementGroupNextResults(lastResults DefinitionListResult) (result DefinitionListResult, err error) { + req, err := lastResults.definitionListResultPreparer() + if err != nil { + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listByManagementGroupNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListByManagementGroupSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listByManagementGroupNextResults", resp, "Failure sending next results request") + } + result, err = client.ListByManagementGroupResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "policy.DefinitionsClient", "listByManagementGroupNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListByManagementGroupComplete enumerates all values, automatically crossing page boundaries as required. +func (client DefinitionsClient) ListByManagementGroupComplete(ctx context.Context, managementGroupID string) (result DefinitionListResultIterator, err error) { + result.page, err = client.ListByManagementGroup(ctx, managementGroupID) + return +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/models.go new file mode 100644 index 000000000000..38b2d8900207 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/models.go @@ -0,0 +1,403 @@ +package policy + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "encoding/json" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/to" + "net/http" +) + +// Mode enumerates the values for mode. +type Mode string + +const ( + // All ... + All Mode = "All" + // Indexed ... + Indexed Mode = "Indexed" + // NotSpecified ... + NotSpecified Mode = "NotSpecified" +) + +// Type enumerates the values for type. +type Type string + +const ( + // TypeBuiltIn ... + TypeBuiltIn Type = "BuiltIn" + // TypeCustom ... + TypeCustom Type = "Custom" + // TypeNotSpecified ... + TypeNotSpecified Type = "NotSpecified" +) + +// Assignment the policy assignment. +type Assignment struct { + autorest.Response `json:"-"` + // AssignmentProperties - Properties for the policy assignment. + *AssignmentProperties `json:"properties,omitempty"` + // ID - The ID of the policy assignment. + ID *string `json:"id,omitempty"` + // Type - The type of the policy assignment. + Type *string `json:"type,omitempty"` + // Name - The name of the policy assignment. + Name *string `json:"name,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for Assignment struct. +func (a *Assignment) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + var v *json.RawMessage + + v = m["properties"] + if v != nil { + var properties AssignmentProperties + err = json.Unmarshal(*m["properties"], &properties) + if err != nil { + return err + } + a.AssignmentProperties = &properties + } + + v = m["id"] + if v != nil { + var ID string + err = json.Unmarshal(*m["id"], &ID) + if err != nil { + return err + } + a.ID = &ID + } + + v = m["type"] + if v != nil { + var typeVar string + err = json.Unmarshal(*m["type"], &typeVar) + if err != nil { + return err + } + a.Type = &typeVar + } + + v = m["name"] + if v != nil { + var name string + err = json.Unmarshal(*m["name"], &name) + if err != nil { + return err + } + a.Name = &name + } + + return nil +} + +// AssignmentListResult list of policy assignments. +type AssignmentListResult struct { + autorest.Response `json:"-"` + // Value - An array of policy assignments. + Value *[]Assignment `json:"value,omitempty"` + // NextLink - The URL to use for getting the next set of results. + NextLink *string `json:"nextLink,omitempty"` +} + +// AssignmentListResultIterator provides access to a complete listing of Assignment values. +type AssignmentListResultIterator struct { + i int + page AssignmentListResultPage +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *AssignmentListResultIterator) Next() error { + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err := iter.page.Next() + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter AssignmentListResultIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter AssignmentListResultIterator) Response() AssignmentListResult { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter AssignmentListResultIterator) Value() Assignment { + if !iter.page.NotDone() { + return Assignment{} + } + return iter.page.Values()[iter.i] +} + +// IsEmpty returns true if the ListResult contains no values. +func (alr AssignmentListResult) IsEmpty() bool { + return alr.Value == nil || len(*alr.Value) == 0 +} + +// assignmentListResultPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (alr AssignmentListResult) assignmentListResultPreparer() (*http.Request, error) { + if alr.NextLink == nil || len(to.String(alr.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare(&http.Request{}, + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(alr.NextLink))) +} + +// AssignmentListResultPage contains a page of Assignment values. +type AssignmentListResultPage struct { + fn func(AssignmentListResult) (AssignmentListResult, error) + alr AssignmentListResult +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *AssignmentListResultPage) Next() error { + next, err := page.fn(page.alr) + if err != nil { + return err + } + page.alr = next + return nil +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page AssignmentListResultPage) NotDone() bool { + return !page.alr.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page AssignmentListResultPage) Response() AssignmentListResult { + return page.alr +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page AssignmentListResultPage) Values() []Assignment { + if page.alr.IsEmpty() { + return nil + } + return *page.alr.Value +} + +// AssignmentProperties the policy assignment properties. +type AssignmentProperties struct { + // DisplayName - The display name of the policy assignment. + DisplayName *string `json:"displayName,omitempty"` + // PolicyDefinitionID - The ID of the policy definition. + PolicyDefinitionID *string `json:"policyDefinitionId,omitempty"` + // Scope - The scope for the policy assignment. + Scope *string `json:"scope,omitempty"` + // Parameters - Required if a parameter is used in policy rule. + Parameters *map[string]interface{} `json:"parameters,omitempty"` + // Description - This message will be part of response in case of policy violation. + Description *string `json:"description,omitempty"` +} + +// Definition the policy definition. +type Definition struct { + autorest.Response `json:"-"` + // DefinitionProperties - The policy definition properties. + *DefinitionProperties `json:"properties,omitempty"` + // ID - The ID of the policy definition. + ID *string `json:"id,omitempty"` + // Name - The name of the policy definition. + Name *string `json:"name,omitempty"` +} + +// UnmarshalJSON is the custom unmarshaler for Definition struct. +func (d *Definition) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + var v *json.RawMessage + + v = m["properties"] + if v != nil { + var properties DefinitionProperties + err = json.Unmarshal(*m["properties"], &properties) + if err != nil { + return err + } + d.DefinitionProperties = &properties + } + + v = m["id"] + if v != nil { + var ID string + err = json.Unmarshal(*m["id"], &ID) + if err != nil { + return err + } + d.ID = &ID + } + + v = m["name"] + if v != nil { + var name string + err = json.Unmarshal(*m["name"], &name) + if err != nil { + return err + } + d.Name = &name + } + + return nil +} + +// DefinitionListResult list of policy definitions. +type DefinitionListResult struct { + autorest.Response `json:"-"` + // Value - An array of policy definitions. + Value *[]Definition `json:"value,omitempty"` + // NextLink - The URL to use for getting the next set of results. + NextLink *string `json:"nextLink,omitempty"` +} + +// DefinitionListResultIterator provides access to a complete listing of Definition values. +type DefinitionListResultIterator struct { + i int + page DefinitionListResultPage +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *DefinitionListResultIterator) Next() error { + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err := iter.page.Next() + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter DefinitionListResultIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter DefinitionListResultIterator) Response() DefinitionListResult { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter DefinitionListResultIterator) Value() Definition { + if !iter.page.NotDone() { + return Definition{} + } + return iter.page.Values()[iter.i] +} + +// IsEmpty returns true if the ListResult contains no values. +func (dlr DefinitionListResult) IsEmpty() bool { + return dlr.Value == nil || len(*dlr.Value) == 0 +} + +// definitionListResultPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (dlr DefinitionListResult) definitionListResultPreparer() (*http.Request, error) { + if dlr.NextLink == nil || len(to.String(dlr.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare(&http.Request{}, + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(dlr.NextLink))) +} + +// DefinitionListResultPage contains a page of Definition values. +type DefinitionListResultPage struct { + fn func(DefinitionListResult) (DefinitionListResult, error) + dlr DefinitionListResult +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *DefinitionListResultPage) Next() error { + next, err := page.fn(page.dlr) + if err != nil { + return err + } + page.dlr = next + return nil +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page DefinitionListResultPage) NotDone() bool { + return !page.dlr.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page DefinitionListResultPage) Response() DefinitionListResult { + return page.dlr +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page DefinitionListResultPage) Values() []Definition { + if page.dlr.IsEmpty() { + return nil + } + return *page.dlr.Value +} + +// DefinitionProperties the policy definition properties. +type DefinitionProperties struct { + // PolicyType - The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. Possible values include: 'TypeNotSpecified', 'TypeBuiltIn', 'TypeCustom' + PolicyType Type `json:"policyType,omitempty"` + // Mode - The policy definition mode. Possible values are NotSpecified, Indexed, and All. Possible values include: 'NotSpecified', 'Indexed', 'All' + Mode Mode `json:"mode,omitempty"` + // DisplayName - The display name of the policy definition. + DisplayName *string `json:"displayName,omitempty"` + // Description - The policy definition description. + Description *string `json:"description,omitempty"` + // PolicyRule - The policy rule. + PolicyRule *map[string]interface{} `json:"policyRule,omitempty"` + // Metadata - The policy definition metadata. + Metadata *map[string]interface{} `json:"metadata,omitempty"` + // Parameters - Required if a parameter is used in policy rule. + Parameters *map[string]interface{} `json:"parameters,omitempty"` +} diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/version.go new file mode 100644 index 000000000000..f76547fffde2 --- /dev/null +++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy/version.go @@ -0,0 +1,28 @@ +package policy + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +// UserAgent returns the UserAgent string to use when sending http.Requests. +func UserAgent() string { + return "Azure-SDK-For-Go/v12.5.0-beta services" +} + +// Version returns the semantic version (see http://semver.org) of the client. +func Version() string { + return "v12.5.0-beta" +} diff --git a/vendor/vendor.json b/vendor/vendor.json index 1c6ffb9e8bcd..10b85d548bc7 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -202,6 +202,14 @@ "version": "v12.5.0-beta", "versionExact": "v12.5.0-beta" }, + { + "checksumSHA1": "7LPSrzoSsTmNDBTltCsrJKJUhyc=", + "path": "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-12-01/policy", + "revision": "21b68149ccf7c16b3f028bb4c7fd0ab458fe308f", + "revisionTime": "2018-02-12T16:31:56Z", + "version": "v12.5.0-beta", + "versionExact": "v12.5.0-beta" + }, { "checksumSHA1": "oNSB5LmmOu68djMmeORcCDYn/3o=", "path": "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2017-05-10/resources", @@ -336,7 +344,6 @@ }, { "checksumSHA1": "HfqZyKllcHQDvTwgCaYL1jUPmW0=", - "comment": "v9.7.0", "path": "github.com/Azure/go-autorest/autorest/validation", "revision": "8c58b4788dedd95779efe0ac2055bb6a1b9b8e01", "revisionTime": "2018-01-06T16:29:27Z", diff --git a/website/azurerm.erb b/website/azurerm.erb index 4d9ca33c17d5..7ab4fbfdd497 100644 --- a/website/azurerm.erb +++ b/website/azurerm.erb @@ -594,6 +594,15 @@ + > + Policy Resources + + + > OMS Resources
    diff --git a/website/docs/r/policy_definition.html.markdown b/website/docs/r/policy_definition.html.markdown new file mode 100644 index 000000000000..ffa102473857 --- /dev/null +++ b/website/docs/r/policy_definition.html.markdown @@ -0,0 +1,93 @@ +--- +layout: "azurerm" +page_title: "Azure Resource Manager: azurerm_policy_definition" +sidebar_current: "docs-azurerm-resource-policy-definition" +description: |- + Creates a policy for all of the resource groups under the subscription. +--- + +# azurerm_policy_definition + +Creates a policy for all of the resource groups under the subscription. + +## Example Usage + +```hcl +resource "azurerm_policy_definition" "policy" { + name = "accTestPolicy" + policy_type = "BuiltIn" + mode = "Indexed" + display_name = "acceptance test policy definition" + policy_rule = </providers/Microsoft.Authorization/policyDefinitions/ +```