While developing and testing a TF Azure module for policies and policy initiatives (sets) I’ve received the following error:
Error: creating/updating Policy Definition custom-policy-1: policy.DefinitionsClient#CreateOrUpdate: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code=InvalidRequestContent Message=The request content was invalid and could not be deserialized: Required property policyRule not found in JSON. Path properties, line 1, position 153
Prerequisites
- Terraform
Solution
Besides parameters, make sure you have a policyRule (the policy_rule argument in Terraform) set in place. It's easy to miss. For instance, you can have something like this:
resource "azurerm_policy_definition" "policy_storage_allow_blob_public_access" {
  name         = var.name
  display_name = var.display_name
  description  = var.description
  policy_type  = "Custom"
  mode         = "Indexed"

  metadata = jsonencode({
    category = "Security"
  })

  # parameters is a JSON string in the azurerm provider, so it needs jsonencode too
  parameters = jsonencode({
    parameter_name = {
      type = "String"
      metadata = {
        description = "Example parameter"
      }
    }
  })

  # policy_rule becomes the policyRule property that the API reported as missing
  policy_rule = jsonencode({
    "if": {
      "allOf": [
        {
          "field": "type",
          "equals": "Microsoft.Storage/storageAccounts"
        },
        {
          "not": {
            "field": "Microsoft.Storage/storageAccounts/allowBlobPublicAccess",
            "equals": "false"
          }
        }
      ]
    },
    "then": {
      "effect": "deny"
    }
  })
}
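Since the error above only shows up when Azure rejects the request, a reusable module can check its own input so that a missing rule fails at plan time instead. The following is an added example, not code from the original post; the variable layout and the resource label "this" are assumptions about how such a module might be written.

```hcl
# Added example: hypothetical module inputs, not from the original post.
variable "name" {
  type = string
}

variable "display_name" {
  type = string
}

variable "policy_rule" {
  description = "Policy rule as a JSON string containing an \"if\" and a \"then\" block."
  type        = string
  nullable    = false # reject an explicit null (Terraform 1.1 or later)

  # can() turns any evaluation error into false, so an empty string,
  # malformed JSON, or a JSON value without the key all fail here.
  validation {
    condition     = can(jsondecode(var.policy_rule)["if"])
    error_message = "The policy_rule value must be a JSON object with an \"if\" block."
  }

  validation {
    condition     = can(jsondecode(var.policy_rule)["then"]["effect"])
    error_message = "The policy_rule value must have a \"then\" block that sets an \"effect\"."
  }
}

resource "azurerm_policy_definition" "this" {
  name         = var.name
  display_name = var.display_name
  policy_type  = "Custom"
  mode         = "Indexed"

  # Always passed through, so the request body carries policyRule.
  policy_rule = var.policy_rule
}
```

A caller passes the rule with `policy_rule = jsonencode({ ... })`; leaving the argument out, or passing JSON without `if` and `then`, stops `terraform plan` with one of the messages above.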