add rule names in error messages so users could learn how to ignore f…

…ailed policy

policy/Azure-Proactive-Resiliency-Library-v2/azapi/compute/microsoft_compute_disks_sku_name.rego

@@ -15,5 +15,5 @@ deny_mission_critical_virtual_machine_should_use_premium_or_ultra_disks contains
     data.utils.is_azure_type(resource.values, "Microsoft.Compute/disks")
     not valid_azapi_mission_critical_virtual_machine_should_use_premium_or_ultra_disks(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `sku.name` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mission_critical_virtual_machine_should_use_premium_or_ultra_disks: '%s' `azapi_resource` must have configured `sku.name` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/compute/microsoft_compute_virtualMachines_properties_availabilitySet.rego

@@ -11,5 +11,5 @@ deny_migrate_vm_using_availability_sets_to_vmss_flex contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.Compute/virtualMachines")
     not valid_azapi_migrate_vm_using_availability_sets_to_vmss_flex(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must not define `properties.availabilitySet`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/migrate_vm_using_availability_sets_to_vmss_flex: '%s' `azapi_resource` must not define `properties.availabilitySet`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/compute/microsoft_compute_virtualMachines_storageProfile_osDisk_managedDisk_storageAccountType.rego

@@ -15,5 +15,5 @@ deny_mission_critical_virtual_machine_should_use_premium_or_ultra_disks contains
     data.utils.is_azure_type(resource.values, "Microsoft.Compute/virtualMachines")
     not valid_azapi_mission_critical_virtual_machine_should_use_premium_or_ultra_disks(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `storageProfile.osDisk.managedDisk.storageAccountType` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mission_critical_virtual_machine_should_use_premium_or_ultra_disks: '%s' `azapi_resource` must have configured `storageProfile.osDisk.managedDisk.storageAccountType` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/containerservice/aks/microsoft_container_service_managedClusters_agentPoolProfiles_availabilityZones.rego

@@ -12,5 +12,5 @@ deny_configure_aks_default_node_pool_zones contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.ContainerService/managedClusters")
     not valid_azapi_configure_aks_default_node_pool_zones(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `agentPoolProfiles.availabilityZones` to use at least 2 Availability Zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/ContainerService/managedClusters/#deploy-aks-cluster-across-availability-zones", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/configure_aks_default_node_pool_zones: '%s' `azapi_resource` must have configured `agentPoolProfiles.availabilityZones` to use at least 2 Availability Zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/ContainerService/managedClusters/#deploy-aks-cluster-across-availability-zones", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/cosmos-db/microsoft_documentdb_databaseAccounts_backupPolicy_type.rego

@@ -11,5 +11,5 @@ deny_configure_cosmosdb_account_continuous_backup_mode contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.DocumentDB/databaseAccounts")
     not valid_azapi_configure_cosmosdb_account_continuous_backup_mode(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have backup type configured to 'Continuous': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DocumentDB/databaseAccounts/#configure-continuous-backup-mode", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/configure_cosmosdb_account_continuous_backup_mode: '%s' `azapi_resource` must have backup type configured to 'Continuous': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DocumentDB/databaseAccounts/#configure-continuous-backup-mode", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/mysql/microsoft_db_for_mysql_flexibleServers_backup_geo_redundant_backup.rego

@@ -11,5 +11,5 @@ deny_mysql_flexible_server_geo_redundant_backup_enabled contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.DBforMySQL/flexibleServers")
     not valid_azapi_mysql_flexible_server_geo_redundant_backup_enabled(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have 'backup.geoRedundantBackup' set to '\"Enabled\"': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DBforMySQL/flexibleServers/#configure-geo-redundant-backup-storage", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mysql_flexible_server_geo_redundant_backup_enabled: '%s' `azapi_resource` must have 'backup.geoRedundantBackup' set to '\"Enabled\"': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DBforMySQL/flexibleServers/#configure-geo-redundant-backup-storage", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/mysql/microsoft_db_for_mysql_flexibleServers_high_availability_mode.rego

@@ -11,5 +11,5 @@ deny_mysql_flexible_server_high_availability_zone_redundant contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.DBforMySQL/flexibleServers")
     not valid_azapi_mysql_flexible_server_high_availability_zone_redundant(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have 'highAvailability.mode' set to 'ZoneRedundant': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DBforMySQL/flexibleServers/#enable-ha-with-zone-redundancy", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mysql_flexible_server_high_availability_zone_redundant: '%s' `azapi_resource` must have 'highAvailability.mode' set to 'ZoneRedundant': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/DBforMySQL/flexibleServers/#enable-ha-with-zone-redundancy", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_applicationGateways_sku_name.rego

@@ -15,5 +15,5 @@ deny_migrate_to_application_gateway_v2 contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.Network/applicationGateways")
     not valid_azapi_migrate_to_application_gateway_v2(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have 'body.properties.sku.name' set to 'Standard_v2' or 'WAF_v2': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#migrate-to-application-gateway-v2", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/migrate_to_application_gateway_v2: '%s' `azapi_resource` must have 'body.properties.sku.name' set to 'Standard_v2' or 'WAF_v2': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#migrate-to-application-gateway-v2", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_applicationGateways_zones.rego

@@ -12,5 +12,5 @@ deny_deploy_application_gateway_in_a_zone_redundant_configuration contains reaso
     data.utils.is_azure_type(resource.values, "Microsoft.Network/applicationGateways")
     not valid_azapi_deploy_application_gateway_in_a_zone_redundant_configuration(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have must have configured to use at least 2 Availability Zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#deploy-application-gateway-in-a-zone-redundant-configuration", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/deploy_application_gateway_in_a_zone_redundant_configuration: '%s' `azapi_resource` must have must have configured to use at least 2 Availability Zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/applicationGateways/#deploy-application-gateway-in-a-zone-redundant-configuration", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_loadBalancers_outbound_rules.rego

@@ -15,5 +15,5 @@ deny_use_nat_gateway_instead_of_outbound_rules_for_production_load_lalancer cont
     data.utils.is_azure_type(resource.values, "Microsoft.Network/loadBalancers")
     not valid_azapi_use_nat_gateway_instead_of_outbound_rules_for_production_load_lalancer(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must not config `outboundRules. Outbound rules for Standard Public Load Balancer involve manual port allocation for backend pools, limiting scalability and risk of SNAT port exhaustion. NAT Gateway is recommended for its dynamic scaling and secure internet connectivity.: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/loadBalancers/#use-nat-gateway-instead-of-outbound-rules-for-production-workloads", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/use_nat_gateway_instead_of_outbound_rules_for_production_load_lalancer: '%s' `azapi_resource` must not config `outboundRules. Outbound rules for Standard Public Load Balancer involve manual port allocation for backend pools, limiting scalability and risk of SNAT port exhaustion. NAT Gateway is recommended for its dynamic scaling and secure internet connectivity.: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/loadBalancers/#use-nat-gateway-instead-of-outbound-rules-for-production-workloads", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_loadBalancers_sku.rego

@@ -12,5 +12,5 @@ deny_use_resilient_load_lalancer_sku contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.Network/loadBalancers")
     not valid_azapi_use_resilient_load_lalancer_sku(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must not have 'sku.name' set to 'Basic': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/loadBalancers/#use-standard-load-balancer-sku", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/use_resilient_load_lalancer_sku: '%s' `azapi_resource` must not have 'sku.name' set to 'Basic': https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/loadBalancers/#use-standard-load-balancer-sku", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_publicIPAddresses.rego

@@ -12,5 +12,5 @@ deny_use_standard_sku_and_zone_redundant_ip contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.Network/publicIPAddresses")
     not valid_azapi_use_standard_sku_and_zone_redundant_ip(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `sku.name` to `\"Standard\"` and a `zones` that cotnains at least 2 zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/publicIPAddresses/#use-standard-sku-and-zone-redundant-ips-when-applicable", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/use_standard_sku_and_zone_redundant_ip: '%s' `azapi_resource` must have configured `sku.name` to `\"Standard\"` and a `zones` that cotnains at least 2 zones: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/publicIPAddresses/#use-standard-sku-and-zone-redundant-ips-when-applicable", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/network/microsoft_network_virtualNetworkGateways_properties_sku_name.rego

@@ -7,11 +7,10 @@ valid_azapi_virtual_network_gateway_use_zone_redundant_sku(resource) if {
    zone_redundant_skus[resource.values.body.properties.sku.name]
 }
 
-
 deny_virtual_network_gateway_use_zone_redundant_sku contains reason if {
     resource := data.utils.resource(input, "azapi_resource")[_]
     data.utils.is_azure_type(resource.values, "Microsoft.Network/virtualNetworkGateways")
     not valid_azapi_virtual_network_gateway_use_zone_redundant_sku(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must have configured `sku.name` to one of {\"ErGw1AZ\", \"ErGw2AZ\", \"ErGw3AZ\", \"VpnGw1AZ\", \"VpnGw2AZ\", \"VpnGw3AZ\", \"VpnGw4AZ\", \"VpnGw5AZ\"}: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/virtualNetworkGateways/#use-zone-redundant-expressroute-gateway-skus", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/virtual_network_gateway_use_zone_redundant_sku: '%s' `azapi_resource` must have configured `sku.name` to one of {\"ErGw1AZ\", \"ErGw2AZ\", \"ErGw3AZ\", \"VpnGw1AZ\", \"VpnGw2AZ\", \"VpnGw3AZ\", \"VpnGw4AZ\", \"VpnGw5AZ\"}: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Network/virtualNetworkGateways/#use-zone-redundant-expressroute-gateway-skus", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azapi/storage/microsoft_storage_storageAccounts_sku_name.rego

@@ -11,5 +11,5 @@ deny_storage_accounts_are_zone_or_region_redundant contains reason if {
     data.utils.is_azure_type(resource.values, "Microsoft.Storage/storageAccounts")
     not valid_azapi_storage_accounts_are_zone_or_region_redundant(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azapi_resource` must not have configured `sku.name` to `\"Standard_LRS\"` nor `\"Premium_LRS\"`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Storage/storageAccounts/#ensure-that-storage-accounts-are-zone-or-region-redundant", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/storage_accounts_are_zone_or_region_redundant: '%s' `azapi_resource` must not have configured `sku.name` to `\"Standard_LRS\"` nor `\"Premium_LRS\"`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Storage/storageAccounts/#ensure-that-storage-accounts-are-zone-or-region-redundant", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azurerm/compute/azurerm_linux_virtual_machine_availability_set_id.rego

@@ -14,5 +14,5 @@ deny_migrate_vm_using_availability_sets_to_vmss_flex contains reason if {
     resource := data.utils.resource(input, "azurerm_linux_virtual_machine")[_]
     not valid_azurerm_deny_migrate_vm_using_availability_sets_to_vmss_flex(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azurerm_linux_virtual_machine` must not define `availability_set_id`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/migrate_vm_using_availability_sets_to_vmss_flex: '%s' `azurerm_linux_virtual_machine` must not define `availability_set_id`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azurerm/compute/azurerm_linux_virtual_machine_os_disk_storage_account_type.rego

@@ -14,5 +14,5 @@ deny_mission_critical_virtual_machine_should_use_premium_or_ultra_disks contains
     resource := data.utils.resource(input, "azurerm_linux_virtual_machine")[_]
     not valid_azurerm_mission_critical_virtual_machine_should_use_premium_or_ultra_disks_os_disk_linux(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azurerm_linux_virtual_machine` must have configured `os_disk.storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mission_critical_virtual_machine_should_use_premium_or_ultra_disks: '%s' `azurerm_linux_virtual_machine` must have configured `os_disk.storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azurerm/compute/azurerm_managed_disk_storage_account_type.rego

@@ -14,5 +14,5 @@ deny_mission_critical_virtual_machine_should_use_premium_or_ultra_disks contains
     resource := data.utils.resource(input, "azurerm_managed_disk")[_]
     not valid_azurerm_mission_critical_virtual_machine_should_use_premium_or_ultra_disks_managed_disk(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azurerm_managed_disk` must have configured `storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mission_critical_virtual_machine_should_use_premium_or_ultra_disks: '%s' `azurerm_managed_disk` must have configured `storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azurerm/compute/azurerm_windows_virtual_machine_availability_set_id.rego

@@ -6,5 +6,5 @@ deny_migrate_vm_using_availability_sets_to_vmss_flex contains reason if {
     resource := data.utils.resource(input, "azurerm_windows_virtual_machine")[_]
     resource.values.availability_set_id
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azurerm_linux_virtual_machine` must not define `availability_set_id`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/migrate_vm_using_availability_sets_to_vmss_flex: '%s' `azurerm_linux_virtual_machine` must not define `availability_set_id`: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#migrate-vms-using-availability-sets-to-vmss-flex", [resource.address])
 }

policy/Azure-Proactive-Resiliency-Library-v2/azurerm/compute/azurerm_windows_virtual_machine_os_disk_storage_account_type.rego

@@ -14,5 +14,5 @@ deny_mission_critical_virtual_machine_should_use_premium_or_ultra_disks contains
     resource := data.utils.resource(input, "azurerm_windows_virtual_machine")[_]
     not valid_azurerm_mission_critical_virtual_machine_should_use_premium_or_ultra_disks_os_disk_win(resource)
 
-    reason := sprintf("Azure-Proactive-Resiliency-Library-v2: '%s' `azurerm_windows_virtual_machine` must have configured `os_disk.storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
+    reason := sprintf("Azure-Proactive-Resiliency-Library-v2/mission_critical_virtual_machine_should_use_premium_or_ultra_disks: '%s' `azurerm_windows_virtual_machine` must have configured `os_disk.storage_account_type` to use Premium or Ultra type: https://azure.github.io/Azure-Proactive-Resiliency-Library-v2/azure-resources/Compute/virtualMachines/#mission-critical-workloads-should-consider-using-premium-or-ultra-disks", [resource.address])
 }