XDR-4570: Add back logicApp ID construction

modules/sentinel-automation-rule/README.md

@@ -17,12 +17,15 @@
 | Name | Type |
 |------|------|
 | [azurerm_sentinel_automation_rule.sentinel_automation_rule](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/sentinel_automation_rule) | resource |
+| [azurerm_subscription.current](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/data-sources/subscription) | data source |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_automation_rule"></a> [automation\_rule](#input\_automation\_rule) | Automation rule to be deployed. | `string` | n/a | yes |
+| <a name="input_environment"></a> [environment](#input\_environment) | The type of environment (e.g. `dev`, `stage`, or `prod`). | `string` | n/a | yes |
 | <a name="input_log_analytics_workspace_id"></a> [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | The ID of the Log Analytics workspace. | `string` | n/a | yes |
-| <a name="input_logic_app_id"></a> [logic\_app\_id](#input\_logic\_app\_id) | Resource ID of the SOAR Webhook connector logic app. | `string` | n/a | yes |
+| <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group in which the playbook is provisioned. | `string` | n/a | yes |
+| <a name="input_unique_name_prefix"></a> [unique\_name\_prefix](#input\_unique\_name\_prefix) | A unique string prepended to the resource name to ensure it is globally unique (i.e. your company name). | `string` | n/a | yes |
 <!-- END_TF_DOCS -->

modules/sentinel-automation-rule/main.tf

@@ -16,6 +16,9 @@ locals {
   automation_rule_object = jsondecode(var.automation_rule)
 }
 
+data "azurerm_subscription" "current" {
+}
+
 resource "azurerm_sentinel_automation_rule" "sentinel_automation_rule" {
 
   display_name               = local.automation_rule_object["display_name"]
@@ -42,7 +45,7 @@ resource "azurerm_sentinel_automation_rule" "sentinel_automation_rule" {
 
     content {
       order        = action_playbook.value["order"]
-      logic_app_id = var.logic_app_id
+      logic_app_id = "/subscriptions/${data.azurerm_subscription.current.subscription_id}/resourceGroups/${var.resource_group_name}/providers/Microsoft.Logic/workflows/${tobool(try(action_playbook.value["prefixed"], false)) ? "${var.unique_name_prefix}-${action_playbook.value["logic_app_id"]}-${var.environment}" : action_playbook.value["logic_app_id"]}"
       tenant_id    = try(action_playbook.value["tenant_id"], null)
     }
   }

modules/sentinel-automation-rule/vars.tf

@@ -8,7 +8,22 @@ variable "automation_rule" {
   type        = string
 }
 
-variable "logic_app_id" {
-  description = "Resource ID of the SOAR Webhook connector logic app."
+#variable "logic_app_id" {
+#  description = "Resource ID of the SOAR Webhook connector logic app."
+#  type        = string
+#}
+
+variable "resource_group_name" {
+  description = "The name of the resource group in which the playbook is provisioned."
+  type        = string
+}
+
+variable "unique_name_prefix" {
+  description = "A unique string prepended to the resource name to ensure it is globally unique (i.e. your company name)."
+  type        = string
+}
+
+variable "environment" {
+  description = "The type of environment (e.g. `dev`, `stage`, or `prod`)."
   type        = string
 }