func updatePolicyAsignments()

in deployment/managementgroup.go [489:541]


func updatePolicyAsignments(mg *HierarchyManagementGroup, pd2mg, psd2mg map[string]mapset.Set[string]) error {
	// Update resource ids and refs.
	for assignmentName, assignment := range mg.policyAssignments {
		assignment.ID = to.Ptr(fmt.Sprintf(PolicyAssignmentIdFmt, mg.id, assignmentName))
		assignment.Properties.Scope = to.Ptr(fmt.Sprintf(ManagementGroupIdFmt, mg.id))
		if assignment.Location != nil {
			assignment.Location = &mg.location
		}

		// rewrite the referenced policy definition id
		// if the policy definition is in the list.
		pdRes, err := assignment.ReferencedPolicyDefinitionResourceId()
		if err != nil {
			return fmt.Errorf("updatePolicyAssignments: error parsing policy definition id for policy assignment %s: %w", assignmentName, err)
		}

		switch strings.ToLower(pdRes.ResourceType.Type) {
		case "policydefinitions":
			if deploymentMgs, ok := pd2mg[pdRes.Name]; ok {
				updated := false
				for deploymentMg := range deploymentMgs.Iter() {
					if deploymentMg != mg.id && !mg.HasParent(deploymentMg) {
						continue
					}
					assignment.Properties.PolicyDefinitionID = to.Ptr(fmt.Sprintf(PolicyDefinitionIdFmt, deploymentMg, pdRes.Name))
					updated = true
					break
				}
				if !updated {
					return fmt.Errorf("updatePolicyAssignments: policy assignment %s has a policy definition %s that is not in the same hierarchy", assignmentName, pdRes.Name)
				}
			}
		case "policysetdefinitions":
			if deploymentMg, ok := psd2mg[pdRes.Name]; ok {
				updated := false
				for deploymentMg := range deploymentMg.Iter() {
					if deploymentMg != mg.id && !mg.HasParent(deploymentMg) {
						continue
					}
					assignment.Properties.PolicyDefinitionID = to.Ptr(fmt.Sprintf(PolicySetDefinitionIdFmt, deploymentMg, pdRes.Name))
					updated = true
					break
				}
				if !updated {
					return fmt.Errorf("updatePolicyAssignments: policy assignment %s has a policy set definition %s that is not in the same hierarchy", assignmentName, pdRes.Name)
				}
			}
		default:
			return fmt.Errorf("updatePolicyAssignments: policy assignment %s has invalid referenced definition/set resource type with id: %s", assignmentName, pdRes.Name)
		}
	}
	return nil
}