azurerm_role_management_policy - notification_rules are no longer Optional/Computed and removing the block will reset them back to the default values provided by Azure

internal/services/authorization/role_management_policy.go

@@ -238,18 +238,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.admin_notifications") {
 		if notificationAdminAdminEligibilityBase, ok := existingRules["Notification_Admin_Admin_Eligibility"]; ok {
 			if notificationAdminAdminEligibility, ok := notificationAdminAdminEligibilityBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleAssignments) == 1 {
-						if len(model.NotificationRules[0].EligibleAssignments[0].AdminNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationAdminAdminEligibility,
-									model.NotificationRules[0].EligibleAssignments[0].AdminNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.admin_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleAssignments) != 0 && len(model.NotificationRules[0].EligibleAssignments[0].AdminNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationAdminAdminEligibility,
+							model.NotificationRules[0].EligibleAssignments[0].AdminNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.admin_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationAdminAdminEligibility,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -258,18 +264,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.admin_notifications") {
 		if notificationAdminAdminAssignmentBase, ok := existingRules["Notification_Admin_Admin_Assignment"]; ok {
 			if notificationAdminAdminAssignment, ok := notificationAdminAdminAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].ActiveAssignments) == 1 {
-						if len(model.NotificationRules[0].ActiveAssignments[0].AdminNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationAdminAdminAssignment,
-									model.NotificationRules[0].ActiveAssignments[0].AdminNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.admin_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].ActiveAssignments) != 0 && len(model.NotificationRules[0].ActiveAssignments[0].AdminNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationAdminAdminAssignment,
+							model.NotificationRules[0].ActiveAssignments[0].AdminNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.admin_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationAdminAdminAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -278,18 +290,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.admin_notifications") {
 		if notificationAdminEndUserAssignmentBase, ok := existingRules["Notification_Admin_EndUser_Assignment"]; ok {
 			if notificationAdminEndUserAssignment, ok := notificationAdminEndUserAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleActivations) == 1 {
-						if len(model.NotificationRules[0].EligibleActivations[0].AdminNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationAdminEndUserAssignment,
-									model.NotificationRules[0].EligibleActivations[0].AdminNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.admin_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleActivations) != 0 && len(model.NotificationRules[0].EligibleActivations[0].AdminNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationAdminEndUserAssignment,
+							model.NotificationRules[0].EligibleActivations[0].AdminNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.admin_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationAdminEndUserAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -298,18 +316,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.approver_notifications") {
 		if notificationApproverAdminEligibilityBase, ok := existingRules["Notification_Approver_Admin_Eligibility"]; ok {
 			if notificationApproverAdminEligibility, ok := notificationApproverAdminEligibilityBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleAssignments) == 1 {
-						if len(model.NotificationRules[0].EligibleAssignments[0].ApproverNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationApproverAdminEligibility,
-									model.NotificationRules[0].EligibleAssignments[0].ApproverNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.approver_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleAssignments) != 0 && len(model.NotificationRules[0].EligibleAssignments[0].ApproverNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationApproverAdminEligibility,
+							model.NotificationRules[0].EligibleAssignments[0].ApproverNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.approver_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationApproverAdminEligibility,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -318,18 +342,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.approver_notifications") {
 		if notificationApproverAdminAssignmentBase, ok := existingRules["Notification_Approver_Admin_Assignment"]; ok {
 			if notificationApproverAdminAssignment, ok := notificationApproverAdminAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].ActiveAssignments) == 1 {
-						if len(model.NotificationRules[0].ActiveAssignments[0].ApproverNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationApproverAdminAssignment,
-									model.NotificationRules[0].ActiveAssignments[0].ApproverNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.approver_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].ActiveAssignments) != 0 && len(model.NotificationRules[0].ActiveAssignments[0].ApproverNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationApproverAdminAssignment,
+							model.NotificationRules[0].ActiveAssignments[0].ApproverNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.approver_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationApproverAdminAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -338,18 +368,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.approver_notifications") {
 		if notificationApproverEndUserAssignmentBase, ok := existingRules["Notification_Approver_EndUser_Assignment"]; ok {
 			if notificationApproverEndUserAssignment, ok := notificationApproverEndUserAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleActivations) == 1 {
-						if len(model.NotificationRules[0].EligibleActivations[0].ApproverNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationApproverEndUserAssignment,
-									model.NotificationRules[0].EligibleActivations[0].ApproverNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.approver_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleActivations) != 0 && len(model.NotificationRules[0].EligibleActivations[0].ApproverNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationApproverEndUserAssignment,
+							model.NotificationRules[0].EligibleActivations[0].ApproverNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.approver_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationApproverEndUserAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -358,18 +394,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.assignee_notifications") {
 		if notificationRequestorAdminEligibilityBase, ok := existingRules["Notification_Requestor_Admin_Eligibility"]; ok {
 			if notificationRequestorAdminEligibility, ok := notificationRequestorAdminEligibilityBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleAssignments) == 1 {
-						if len(model.NotificationRules[0].EligibleAssignments[0].AssigneeNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationRequestorAdminEligibility,
-									model.NotificationRules[0].EligibleAssignments[0].AssigneeNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.assignee_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleAssignments) != 0 && len(model.NotificationRules[0].EligibleAssignments[0].AssigneeNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationRequestorAdminEligibility,
+							model.NotificationRules[0].EligibleAssignments[0].AssigneeNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_assignments.0.assignee_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationRequestorAdminEligibility,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -378,18 +420,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.assignee_notifications") {
 		if notificationRequestorAdminAssignmentBase, ok := existingRules["Notification_Requestor_Admin_Assignment"]; ok {
 			if notificationRequestorAdminAssignment, ok := notificationRequestorAdminAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].ActiveAssignments) == 1 {
-						if len(model.NotificationRules[0].ActiveAssignments[0].AssigneeNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationRequestorAdminAssignment,
-									model.NotificationRules[0].ActiveAssignments[0].AssigneeNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.assignee_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].ActiveAssignments) != 0 && len(model.NotificationRules[0].ActiveAssignments[0].AssigneeNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationRequestorAdminAssignment,
+							model.NotificationRules[0].ActiveAssignments[0].AssigneeNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.active_assignments.0.assignee_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationRequestorAdminAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}
@@ -398,18 +446,24 @@ func buildRoleManagementPolicyForUpdate(metadata *sdk.ResourceMetaData, rolePoli
 	if metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.assignee_notifications") {
 		if notificationRequestorEndUserAssignmentBase, ok := existingRules["Notification_Requestor_EndUser_Assignment"]; ok {
 			if notificationRequestorEndUserAssignment, ok := notificationRequestorEndUserAssignmentBase.(rolemanagementpolicies.RoleManagementPolicyNotificationRule); ok {
-				if len(model.NotificationRules) == 1 {
-					if len(model.NotificationRules[0].EligibleActivations) == 1 {
-						if len(model.NotificationRules[0].EligibleActivations[0].AssigneeNotifications) == 1 {
-							updatedRules = append(updatedRules,
-								expandNotificationSettings(
-									notificationRequestorEndUserAssignment,
-									model.NotificationRules[0].EligibleActivations[0].AssigneeNotifications[0],
-									metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.assignee_notifications.0.additional_recipients"),
-								),
-							)
-						}
-					}
+				if len(model.NotificationRules) != 0 && len(model.NotificationRules[0].EligibleActivations) != 0 && len(model.NotificationRules[0].EligibleActivations[0].AssigneeNotifications) != 0 {
+					updatedRules = append(updatedRules,
+						expandNotificationSettings(
+							notificationRequestorEndUserAssignment,
+							model.NotificationRules[0].EligibleActivations[0].AssigneeNotifications[0],
+							metadata.ResourceData.HasChange("notification_rules.0.eligible_activations.0.assignee_notifications.0.additional_recipients"),
+						),
+					)
+				} else {
+					updatedRules = append(updatedRules, expandNotificationSettings(
+						notificationRequestorEndUserAssignment,
+						RoleManagementPolicyNotificationSettings{
+							NotificationLevel:    "All",
+							DefaultRecipients:    true,
+							AdditionalRecipients: []string{},
+						},
+						true,
+					))
 				}
 			}
 		}