custom_landing_zones Keys cannot contain periods

[cloudchristoph]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Versions

terraform: 1.6.3

azure provider: 1.10.0

module: 5.0.0

Description

Describe the bug

When I try to add a management group with a period in the ID, it fails the validation.
Periods are allowed for Management Group IDs.

Steps to Reproduce

1. Add a custom_landing_zone like this:

  custom_landing_zones = {
    "com.mycompany" = {
      display_name               = "My Company"
      parent_management_group_id = "${data.azurerm_client_config.core.tenant_id}"
      subscription_ids           = []
      archetype_config = {
        archetype_id   = "mycompany_root"
        parameters     = {}
        access_control = {}
      }
    }

2. terraform plan
3. You'll get an validation error:

│     │ var.custom_landing_zones is object with 1 attribute "com.mycompany"
│
│ The custom_landing_zones keys must be between 2 to 89 characters long and can only contain lowercase letters, numbers and hyphens.
│
│ This was checked by the validation rule at .terraform/modules/enterprise_scale/variables.tf:605,3-13.

Possible fix:

I've changed the validation rule in

terraform-azurerm-caf-enterprise-scale/variables.tf

Lines 606 to 607 in ecf0601

	condition = can([for k in keys(var.custom_landing_zones) : regex("^[a-zA-Z0-9-]{2,89}$", k)]) || length(keys(var.custom_landing_zones)) == 0
	error_message = "The custom_landing_zones keys must be between 2 to 89 characters long and can only contain lowercase letters, numbers and hyphens."

...to:

    condition     = can([for k in keys(var.custom_landing_zones) : regex("^[a-zA-Z0-9-.]{2,89}$", k)]) || length(keys(var.custom_landing_zones)) == 0
    error_message = "The custom_landing_zones keys must be between 2 to 89 characters long and can only contain lowercase letters, numbers, periods and hyphens."

Screenshots

Additional context

I'm still creating the environment where this issue has hit me. So I'm not sure, if there are side effects with Management Groups containing a period in the ID. So far I have not observed any problems.

I would also like to point out that I don't think it's a good idea. I follow customer specifications here and see no technical reason not to allow it.

[matt-FFFFFF]

Hi I agree - we will fix

[cloudchristoph]

Wow that was fast Matt. 😲

Didn't have the chance to test all components. Just using this for Policy deployments tbh.
I'll let you know, if I see issues with those Management Groups.

[matt-FFFFFF]

I need to get this reviewed but should be able to merge and release tomorrow