Team,
We are designing policies for some of our scenarios. We have a basic policy which checks, apart from the resourceType, whether a certain property of the resource matches some value, and if so triggers the “deployifnotexists” effect.
1) When end users update the resource with “PATCH” calls on that property and it matches the trigger condition, DeployIfExists triggers automatically, putting the resource into compliance state without any user intervention.
2) When the same “PATCH” operation is done by our first-party app, “DeployIfExists” does not trigger automatically; users need to manually create a remediation task to fix the compliance.
Is the difference in behavior expected if the caller is a USER vs. a first-party app? Is there a way we can make our first-party service updates behave the same as end user updates from the policy behavior perspective?
Thanks,
Subba