fix: threat_intelligence_allowlist

[matt-FFFFFF]

supersedes #887

changes pulled into local branch so I can push changes.

THanks to @heintonny for the original work, your commits have been preserved.

Overview/Summary

Replace this with a brief description of what this Pull Request fixes, changes, etc.

This PR fixes/adds/changes/removes

1. Replace me
2. Replace me
3. Replace me

Breaking Changes

1. Replace me
2. Replace me

Testing Evidence

Please provide any testing evidence to show that your Pull Request works/fixes as described and planned (include screenshots, if appropriate).

As part of this Pull Request I have

• Checked for duplicate Pull Requests
• Associated it with relevant issues, for tracking and closure.
• Ensured my code/branch is up-to-date with the latest changes in the main branch
• Performed testing and provided evidence.
• Updated relevant and associated documentation.

[matt-FFFFFF]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[matt-FFFFFF]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[matt-FFFFFF]

/azp run unit

[azure-pipelines]

Azure Pipelines successfully started running 1 pipeline(s).

[BryanEuton]

It looks like this is a breaking change for the way that it is currently configured in the examples. In the example, the threat_intelligence_allowlist is an array but in this change it is an array.

            azure_firewall = {
              enabled = true
              config = {
                address_prefix                = "10.100.0.0/24"
                enable_dns_proxy              = true
                dns_servers                   = []
                sku_tier                      = ""
                base_policy_id                = ""
                private_ip_ranges             = []
                threat_intelligence_mode      = ""
                threat_intelligence_allowlist = []
                availability_zones = {
                  zone_1 = true
                  zone_2 = true
                  zone_3 = true
                }
              }
            }

https://github.com/Azure/terraform-azurerm-caf-enterprise-scale/wiki/%5BExamples%5D-Deploy-Connectivity-Resources-With-Custom-Settings

Changing the empty array to an empty object fixed the issue.

Please let update the examples.

Actual error:

╷
│ Error: Invalid value for input variable
│ 
│   on main.tf line 31, in module "enterprise_scale":
│   31:   configure_connectivity_resources = local.configure_connectivity_resources
│ 
│ The given value is not suitable for
│ module.enterprise_scale.var.configure_connectivity_resources declared at
│ .terraform/modules/enterprise_scale/variables.tf:156,1-44: attribute
│ "settings": attribute "hub_networks": element 0: attribute "config":
│ attribute "azure_firewall": attribute "config": attribute
│ "threat_intelligence_allowlist": map of list of string required.
╵

[Jared975]

Adding to BryanEuton's reply; this change caused the documented examples in the Wiki to fail, even when the azure_firewall.enabled = false.

threat_intelligence_allowlist = []

~fix
threat_intelligence_allowlist = {}

[matt-FFFFFF]

Apologies folks, we should have made this clearer. Docs have been updated.