
Commit 4424aa7

anwatherAnthony Watherston
andauthored
Minor fix to export script (#794)
Co-authored-by: Anthony Watherston <Anthony.Watherston@microsoft.com>
1 parent da1f735 commit 4424aa7


1 file changed

+45
-6
lines changed


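--- a/Scripts/Operations/Export-PolicyToEPAC.ps1
+++ b/Scripts/Operations/Export-PolicyToEPAC.ps1
@@ -93,16 +93,22 @@ Write-Information "" -InformationAction Continue
 
 #region PolicyDefinition
 if ($PolicyDefinitionId) {
+# Check proper formatting
+if ($PolicyDefinitionId -notmatch "/providers/") {
+Write-Error "Policy Definition ID '$($PolicyDefinitionId)' does not match expected format. Example format expected: '/providers/Microsoft.Authorization/policyDefinitions/f0e5abd0-2554-4736-b7c0-4ffef23475ef'"
+exit 1
+}
+
 # Pull Built-In Policies
 $builtInPolicies = Get-AzPolicyDefinition -Builtin
 $builtInPolicyNames = $builtInPolicies.name
 
 # Create Policy Definition File
-if ($PolicySetDefinitionId -match "/") {
-$policyName = $PolicySetDefinitionId.split("/")[-1]
+if ($PolicyDefinitionId -match "/") {
+$policyName = $PolicyDefinitionId.split("/")[-1]
 }
 else {
-$policyName = $PolicySetDefinitionId
+$policyName = $PolicyDefinitionId
 }
 
 try {
@@ -112,7 +118,8 @@ if ($PolicyDefinitionId) {
 $policyResponse = Get-AzPolicyDefinition -Id "/providers/Microsoft.Authorization/policyDefinitions/$PolicyDefinitionId" | Select-Object -Property *
 }
 if ($null -eq $policyResponse) {
-Write-Error "Policy Definition Not Found!"
+Write-Error "Policy Definition ID '$($PolicyDefinitionId)' Not Found!"
+exit 1
 }
 
 $policyType = "policyDefinitions"
@@ -168,6 +175,11 @@ if ($PolicyDefinitionId) {
 }
 #region PolicySetDefinition
 elseif ($PolicySetDefinitionId) {
+# Check proper formatting
+if ($PolicySetDefinitionId -notmatch "/providers/") {
+Write-Error "Policy Set Definition ID '$($PolicySetDefinitionId)' does not match expected format. Example format expected: '/providers/Microsoft.Authorization/policySetDefinitions/e20d08c5-6d64-656d-6465-ce9e37fd0ebc'"
+exit 1
+}
 # Pull Built-In Policies and Policy Sets
 $builtInPolicies = Get-AzPolicyDefinition -Builtin
 $builtInPolicyNames = $builtInPolicies.name
@@ -189,7 +201,8 @@ elseif ($PolicySetDefinitionId) {
 $policyResponse = Get-AzPolicySetDefinition -Id "/providers/Microsoft.Authorization/policySetDefinitions/$PolicySetDefinitionId" | Select-Object -Property *
 }
 if ($null -eq $policyResponse) {
-Write-Error "Policy Definition Not Found!"
+Write-Error "Policy Set Definition ID '$($PolicySetDefinitionId)' Not Found!"
+exit 1
 }
 
 $policyType = "policySetDefinitions"
@@ -206,6 +219,12 @@ elseif ($PolicySetDefinitionId) {
 "parameters" = $tempParam
 "groupNames" = "$($policyDef.groupNames)"
 }
+if ( $orderedPolicyDefinitions.definitionVersion -eq "") {
+$orderedPolicyDefinitions.Remove('definitionVersion')
+}
+if ( $orderedPolicyDefinitions.groupNames -eq "") {
+$orderedPolicyDefinitions.Remove('groupNames')
+}
 $policyDefinitionArray += $orderedPolicyDefinitions
 }
 $orderedPolicy = [ordered]@{
@@ -217,6 +236,9 @@ elseif ($PolicySetDefinitionId) {
 "policyDefinitions" = $policyDefinitionArray
 "policyDefinitionGroups" = $policyResponse.PolicyDefinitionGroup
 }
+if ( $null -eq $orderedPolicy.policyDefinitionGroups) {
+$orderedPolicy.Remove('policyDefinitionGroups')
+}
 $policyObject = [ordered]@{
 "`$schema" = "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json"
 "name" = $policyName
@@ -356,6 +378,10 @@ elseif ($ALZPolicyDefinitionId) {
 $policyName = $ALZPolicyDefinitionId
 $policyType = "policyDefinitions"
 $policyResponse = $alzHash[$ALZPolicyDefinitionId]
+if ($null -eq $policyResponse) {
+Write-Error "ALZ Policy Definition ID '$($ALZPolicyDefinitionId)' Not Found!"
+exit 1
+}
 $policyDisplayName = $policyResponse.displayName
 $policyDescription = $policyResponse.description
 $policyBuiltInType = $policyResponse.policyType
@@ -469,6 +495,10 @@ elseif ($ALZPolicySetDefinitionId) {
 $policyName = $ALZPolicySetDefinitionId
 $policyType = "policySetDefinitions"
 $policyResponse = $alzSetHash[$ALZPolicySetDefinitionId]
+if ($null -eq $policyResponse) {
+Write-Error "ALZ Policy Set Definition ID '$($ALZPolicySetDefinitionId)' Not Found!"
+exit 1
+}
 $policyDisplayName = $policyResponse.displayName
 $policyDescription = $policyResponse.description
 $policyBuiltInType = $policyResponse.policyType
@@ -482,6 +512,12 @@ elseif ($ALZPolicySetDefinitionId) {
 "parameters" = $tempParam
 "groupNames" = "$($policyDef.groupNames)"
 }
+if ( $orderedPolicyDefinitions.definitionVersion -eq "") {
+$orderedPolicyDefinitions.Remove('definitionVersion')
+}
+if ( $orderedPolicyDefinitions.groupNames -eq "") {
+$orderedPolicyDefinitions.Remove('groupNames')
+}
 $policyDefinitionArray += $orderedPolicyDefinitions
 }
 $orderedPolicy = [ordered]@{
@@ -493,6 +529,9 @@ elseif ($ALZPolicySetDefinitionId) {
 "policyDefinitions" = $policyDefinitionArray
 "policyDefinitionGroups" = $policyResponse.PolicyDefinitionGroups
 }
+if ( $null -eq $orderedPolicy.policyDefinitionGroups) {
+$orderedPolicy.Remove('policyDefinitionGroups')
+}
 $policyObject = [ordered]@{
 "`$schema" = "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json"
 "name" = $policyName
@@ -611,7 +650,7 @@ elseif ($ALZPolicySetDefinitionId) {
 }
 }
 else {
-Write-Error "Export-PolicyToEPAC requires at least one of the following: PolicyDefinitionId, PolicySetDefinitionId!"
+Write-Error "Export-PolicyToEPAC requires at least one of the following: PolicyDefinitionId, PolicySetDefinitionId, ALZPolicyDefinitionId or ALZPolicySetDefinitionId!"
 }
 
 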
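Review bot: The format check added at new line 97, `-notmatch "/providers/"`, is an unanchored substring test, so it accepts any string containing `/providers/` (a policy set ID passed as `-PolicyDefinitionId`, for example) while rejecting the bare name that the later `Get-AzPolicyDefinition -Id "/providers/Microsoft.Authorization/policyDefinitions/$PolicyDefinitionId"` lookup and the `else { $policyName = $PolicyDefinitionId }` branch appear to be written for. If bare names are no longer supported those branches look unreachable and should be removed; if they are still supported the check must let them through. Either way, matching the resource type and anchoring the end is tighter: `if ($PolicyDefinitionId -notmatch '/providers/Microsoft\.Authorization/policyDefinitions/[^/]+$') {`, with the `policySetDefinitions` equivalent for the check at new line 179. The condition that selects the prefixed lookup lies outside the visible hunks, so confirm it before deleting anything. Separately, the final `else` at new line 653 still only calls `Write-Error` with no `exit 1`, unlike every failure path this commit adds, so a caller in a pipeline may see a zero exit code when no ID was supplied.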
