From 50227ae3320a6fbaf88a22346a28b5732d28322b Mon Sep 17 00:00:00 2001
From: Xan Manning <xan.manning+github-work@gmail.com>
Date: Mon, 9 Jan 2023 14:27:18 +0000
Subject: [PATCH 1/2] fix: preserve azure frontdoor waf policy tags between
 updates

---
 azure.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/azure.go b/azure.go
index 3f0da96..393f576 100644
--- a/azure.go
+++ b/azure.go
@@ -211,8 +211,13 @@ func (fd *AzureFrontDoor) update() int {
 
 	azfd := frontdoor.NewPoliciesClient(fd.SubscriptionId)
 	azfd.Authorizer, _ = a.authorize()
+
+	// Read current state of azure frontdoor
+	azfdget, _ := azfd.Get(context.Background(), fd.ResourceGroup, fd.PolicyName)
+
 	_, err := azfd.CreateOrUpdate(context.Background(), fd.ResourceGroup, fd.PolicyName, frontdoor.WebApplicationFirewallPolicy{
 		Location: to.StringPtr("Global"),
+		Tags:     azfdget.Tags, // Preserve tags for existing policies.
 		WebApplicationFirewallPolicyProperties: &frontdoor.WebApplicationFirewallPolicyProperties{
 			PolicySettings: &frontdoor.PolicySettings{
 				EnabledState:                  frontdoor.PolicyEnabledStateEnabled,

From 3838cdee5cb4718778e70ebde8ae07ac0492cc5b Mon Sep 17 00:00:00 2001
From: Xan Manning <xan.manning+github-work@gmail.com>
Date: Mon, 9 Jan 2023 14:31:39 +0000
Subject: [PATCH 2/2] feat: add example tags to test preservation

---
 terraform/frontdoor.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/terraform/frontdoor.tf b/terraform/frontdoor.tf
index 1fb3315..4c61e75 100644
--- a/terraform/frontdoor.tf
+++ b/terraform/frontdoor.tf
@@ -12,6 +12,11 @@ resource "azurerm_frontdoor_firewall_policy" "this" {
     https://xyz.com/ip-whitelister
   */
   lifecycle { ignore_changes = [custom_rule, managed_rule] }
+
+  tags = {
+    name       = var.name
+    created-by = "terraform"
+  }
 }
 
 output "azure_frontdoor_policy" {