Azure Policy - Remediation

farroar · July 8, 2020, 7:26pm

resource "azurerm_policy_remediation" "policy_remediation" {
name                 = "baseline-policy-remediation"
scope                = azurerm_policy_assignment.baseline.scope
policy_assignment_id = azurerm_policy_assignment.baseline.id
}

Running this using azurerm ~>2.0 results in the following:

The provider provider.azurerm does not support resource type
"azurerm_policy_remediation".

I can’t find any documentation on how to address the policy remediation aspect of Azure policy. The only documentation I can find lists that it is supported:

Thoughts? I have policies that I need to automate that require a remediation service principal and I can’t seem to get it to work. I don’t see this as being a code issue, it just isn’t supported?

Thanks!

farroar · July 16, 2020, 9:58pm

I fixed it. Changed the version of azurerm from 2.0.0 to 2.19.0 and the error went away… Then found that this isn’t really want I needed. Ended up having to have a sub block with:

  identity {
    type = "SystemAssigned"
  }

under the assignment. Also, don’t forget to include location or it will also break.

Topic		Replies	Views
Provider.azurerm does not support resource type for azurerm_policy_remediation Azure	1	975	September 29, 2022
Azure Policy 'deployIfNotExists' not executing on terraform resources Azure	3	2680	July 19, 2021
Policy Assignment and managed identity Azure	3	3510	August 14, 2020
Azurerm_function_app_function resource not supported in v2.99.0 of azurerm Terraform Providers azure	1	939	March 29, 2022
Using MSI with Azure DevOps Pipelines Azure azure	2	1366	July 26, 2021

Azure Policy - Remediation

Related topics