azuread_conditional_access_policy: make platform and location optional, require one of included_applications or included_user_actions #775
Conversation
There was a problem hiding this comment.
Hi @michaelmingram, many thanks for this contribution!
To facilitate unsetting the locations and platforms blocks, I've opened a PR on the SDK to enable setting these objects to null. We'll need to pull in this change once it has been merged/released.
In addition to the schema changes, we'll have to add additional test coverage for scenarios such as adding and removing these blocks for an existing policy. We should also update the docs to reflect the new schema.
You're welcome to add these if you like. I also have some reworked tests locally that I can add but I don't have push access to your fork - if you can allow edits from maintainers I'll be happy to push these and then we should be good to merge this once the SDK changes are pulled in. Thanks!
|
Hi @manicminer, because I created the fork under the Ingram Micro organization, I don't have that option. Instead I've just invited you to collaborate on the fork directly. Let me know if that provides all the access you require. Thanks! |
|
@michaelmingram Great, thanks! I got the invite and pushed the additions. I also made the |
|
Test results
|
|
This functionality has been released in v2.21.0 of the Terraform Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you! |
|
I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active contributions. |
This PR resolves two outstanding issues:
With these two fixes, the azuread_conditional_access_policy resource can be used to recreate all eight of the conditional access templates in the Identity category.
Fixes #708 and #774