in deployment/managementgroup.go [457:487]
func updatePolicySetDefinitions(mg *HierarchyManagementGroup, pd2mg map[string]mapset.Set[string]) error {
for psdName, psd := range mg.policySetDefinitions {
psd.ID = to.Ptr(fmt.Sprintf(PolicySetDefinitionIdFmt, mg.id, psdName))
refs := psd.PolicyDefinitionReferences()
if refs == nil {
return fmt.Errorf("updatePolicySetDefinitions: error getting policy definition references for policy set definition %s", psdName)
}
for _, pdr := range refs {
pdname, err := assets.NameFromResourceId(*pdr.PolicyDefinitionID)
if err != nil {
return fmt.Errorf("updatePolicySetDefinitions: error getting policy definition name from resource id %s: %w", *pdr.PolicyDefinitionID, err)
}
// if the referenced policy definition is custom, we need to update the reference
if definitionMgs, ok := pd2mg[pdname]; ok {
updated := false
for definitionMg := range definitionMgs.Iter() {
if definitionMg != mg.id && !mg.HasParent(definitionMg) {
continue
}
pdr.PolicyDefinitionID = to.Ptr(fmt.Sprintf(PolicyDefinitionIdFmt, definitionMg, pdname))
updated = true
break
}
if !updated {
return fmt.Errorf("updatePolicySetDefinitions: policy set definition %s has a policy definition %s that is not in the same hierarchy", psdName, pdname)
}
}
}
}
return nil
}