diff --git a/azurerm/internal/services/policy/client/client.go b/azurerm/internal/services/policy/client/client.go
index 5a698d894bcb..97ca75b8ea18 100644
--- a/azurerm/internal/services/policy/client/client.go
+++ b/azurerm/internal/services/policy/client/client.go
@@ -2,7 +2,7 @@ package client
 
 import (
 	"github.com/Azure/azure-sdk-for-go/services/policyinsights/mgmt/2019-10-01/policyinsights"
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
 )
 
diff --git a/azurerm/internal/services/policy/policy.go b/azurerm/internal/services/policy/policy.go
index 37ad0ece9122..7d1fcc33cd1c 100644
--- a/azurerm/internal/services/policy/policy.go
+++ b/azurerm/internal/services/policy/policy.go
@@ -1,10 +1,12 @@
 package policy
 
 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"fmt"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 )
 
 func getPolicyDefinitionByDisplayName(ctx context.Context, client *policy.DefinitionsClient, displayName, managementGroupName string) (policy.Definition, error) {
@@ -102,3 +104,55 @@ func getPolicySetDefinitionByDisplayName(ctx context.Context, client *policy.Set
 
 	return results[0], nil
 }
+
+func expandParameterDefinitionsValueFromString(jsonString string) (map[string]*policy.ParameterDefinitionsValue, error) {
+	var result map[string]*policy.ParameterDefinitionsValue
+
+	err := json.Unmarshal([]byte(jsonString), &result)
+
+	return result, err
+}
+
+func flattenParameterDefintionsValueToString(input map[string]*policy.ParameterDefinitionsValue) (string, error) {
+	if len(input) == 0 {
+		return "", nil
+	}
+
+	result, err := json.Marshal(input)
+	if err != nil {
+		return "", err
+	}
+
+	compactJson := bytes.Buffer{}
+	if err := json.Compact(&compactJson, result); err != nil {
+		return "", err
+	}
+
+	return compactJson.String(), nil
+}
+
+func expandParameterValuesValueFromString(jsonString string) (map[string]*policy.ParameterValuesValue, error) {
+	var result map[string]*policy.ParameterValuesValue
+
+	err := json.Unmarshal([]byte(jsonString), &result)
+
+	return result, err
+}
+
+func flattenParameterValuesValueToString(input map[string]*policy.ParameterValuesValue) (string, error) {
+	if len(input) == 0 {
+		return "", nil
+	}
+
+	result, err := json.Marshal(input)
+	if err != nil {
+		return "", err
+	}
+
+	compactJson := bytes.Buffer{}
+	if err := json.Compact(&compactJson, result); err != nil {
+		return "", err
+	}
+
+	return compactJson.String(), nil
+}
diff --git a/azurerm/internal/services/policy/policy_assignment_resource.go b/azurerm/internal/services/policy/policy_assignment_resource.go
index 870f21d286cd..843b3b5fa6b8 100644
--- a/azurerm/internal/services/policy/policy_assignment_resource.go
+++ b/azurerm/internal/services/policy/policy_assignment_resource.go
@@ -7,7 +7,7 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/structure"
@@ -171,12 +171,12 @@ func resourceArmPolicyAssignmentCreateUpdate(d *schema.ResourceData, meta interf
 	}
 
 	if v := d.Get("parameters").(string); v != "" {
-		expandedParams, err := structure.ExpandJsonFromString(v)
+		expandedParams, err := expandParameterValuesValueFromString(v)
 		if err != nil {
 			return fmt.Errorf("Error expanding JSON from Parameters %q: %+v", v, err)
 		}
 
-		assignment.AssignmentProperties.Parameters = &expandedParams
+		assignment.AssignmentProperties.Parameters = expandedParams
 	}
 
 	if _, ok := d.GetOk("not_scopes"); ok {
@@ -253,8 +253,7 @@ func resourceArmPolicyAssignmentRead(d *schema.ResourceData, meta interface{}) e
 		d.Set("display_name", props.DisplayName)
 
 		if params := props.Parameters; params != nil {
-			paramsVal := params.(map[string]interface{})
-			json, err := structure.FlattenJsonToString(paramsVal)
+			json, err := flattenParameterValuesValueToString(params)
 			if err != nil {
 				return fmt.Errorf("Error serializing JSON from Parameters: %+v", err)
 			}
diff --git a/azurerm/internal/services/policy/policy_definition_data_source.go b/azurerm/internal/services/policy/policy_definition_data_source.go
index f198b1ded2f7..892b3dc9d5e0 100644
--- a/azurerm/internal/services/policy/policy_definition_data_source.go
+++ b/azurerm/internal/services/policy/policy_definition_data_source.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
@@ -120,16 +120,21 @@ func dataSourceArmPolicyDefinitionRead(d *schema.ResourceData, meta interface{})
 	d.Set("type", policyDefinition.Type)
 	d.Set("policy_type", policyDefinition.PolicyType)
 
-	if policyRuleStr := flattenJSON(policyDefinition.PolicyRule); policyRuleStr != "" {
+	policyRule := policyDefinition.PolicyRule.(map[string]interface{})
+	if policyRuleStr := flattenJSON(policyRule); policyRuleStr != "" {
 		d.Set("policy_rule", policyRuleStr)
+	} else {
+		return fmt.Errorf("failed to flatten Policy Definition Rule %q: %+v", name, err)
 	}
 
 	if metadataStr := flattenJSON(policyDefinition.Metadata); metadataStr != "" {
 		d.Set("metadata", metadataStr)
 	}
 
-	if parametersStr := flattenJSON(policyDefinition.Parameters); parametersStr != "" {
+	if parametersStr, err := flattenParameterDefintionsValueToString(policyDefinition.Parameters); err == nil {
 		d.Set("parameters", parametersStr)
+	} else {
+		return fmt.Errorf("failed to flatten Policy Parameters %q: %+v", name, err)
 	}
 
 	return nil
diff --git a/azurerm/internal/services/policy/policy_definition_resource.go b/azurerm/internal/services/policy/policy_definition_resource.go
index b1bef92cc577..64438d07dc6d 100644
--- a/azurerm/internal/services/policy/policy_definition_resource.go
+++ b/azurerm/internal/services/policy/policy_definition_resource.go
@@ -9,7 +9,7 @@ import (
 	"strconv"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -54,20 +54,16 @@ func resourceArmPolicyDefinition() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 				ValidateFunc: validation.StringInSlice([]string{
-					string(policy.TypeBuiltIn),
-					string(policy.TypeCustom),
-					string(policy.TypeNotSpecified),
+					string(policy.BuiltIn),
+					string(policy.Custom),
+					string(policy.NotSpecified),
+					string(policy.Static),
 				}, true)},
 
 			"mode": {
 				Type:     schema.TypeString,
 				Required: true,
 				ForceNew: true,
-				ValidateFunc: validation.StringInSlice([]string{
-					string(policy.All),
-					string(policy.Indexed),
-					string(policy.NotSpecified),
-				}, true),
 			},
 
 			"management_group_id": {
@@ -178,7 +174,7 @@ func resourceArmPolicyDefinitionCreateUpdate(d *schema.ResourceData, meta interf
 
 	properties := policy.DefinitionProperties{
 		PolicyType:  policy.Type(policyType),
-		Mode:        policy.Mode(mode),
+		Mode:        utils.String(mode),
 		DisplayName: utils.String(displayName),
 		Description: utils.String(description),
 	}
@@ -200,11 +196,11 @@ func resourceArmPolicyDefinitionCreateUpdate(d *schema.ResourceData, meta interf
 	}
 
 	if parametersString := d.Get("parameters").(string); parametersString != "" {
-		parameters, err := structure.ExpandJsonFromString(parametersString)
+		parameters, err := expandParameterDefinitionsValueFromString(parametersString)
 		if err != nil {
 			return fmt.Errorf("unable to parse parameters: %s", err)
 		}
-		properties.Parameters = &parameters
+		properties.Parameters = parameters
 	}
 
 	definition := policy.Definition{
@@ -300,8 +296,10 @@ func resourceArmPolicyDefinitionRead(d *schema.ResourceData, meta interface{}) e
 			d.Set("metadata", metadataStr)
 		}
 
-		if parametersStr := flattenJSON(props.Parameters); parametersStr != "" {
+		if parametersStr, err := flattenParameterDefintionsValueToString(props.Parameters); err == nil {
 			d.Set("parameters", parametersStr)
+		} else {
+			return fmt.Errorf("Error flattening policy definition parameters %+v", err)
 		}
 	}
 
diff --git a/azurerm/internal/services/policy/policy_set_definition_data_source.go b/azurerm/internal/services/policy/policy_set_definition_data_source.go
index e551c57fb21d..888f1c23ba20 100644
--- a/azurerm/internal/services/policy/policy_set_definition_data_source.go
+++ b/azurerm/internal/services/policy/policy_set_definition_data_source.go
@@ -5,7 +5,7 @@ import (
 	"fmt"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
@@ -102,7 +102,12 @@ func dataSourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface
 	d.Set("description", setDefinition.Description)
 	d.Set("policy_type", setDefinition.PolicyType)
 	d.Set("metadata", flattenJSON(setDefinition.Metadata))
-	d.Set("parameters", flattenJSON(setDefinition.Parameters))
+
+	if paramsStr, err := flattenParameterDefintionsValueToString(setDefinition.Parameters); err != nil {
+		return fmt.Errorf("unable to flatten JSON for `parameters`: %+v", err)
+	} else {
+		d.Set("parameters", paramsStr)
+	}
 
 	definitionBytes, err := json.Marshal(setDefinition.PolicyDefinitions)
 	if err != nil {
diff --git a/azurerm/internal/services/policy/policy_set_definition_resource.go b/azurerm/internal/services/policy/policy_set_definition_resource.go
index b7278f158f79..034003bd5c9e 100644
--- a/azurerm/internal/services/policy/policy_set_definition_resource.go
+++ b/azurerm/internal/services/policy/policy_set_definition_resource.go
@@ -11,7 +11,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/Azure/go-autorest/autorest"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
@@ -58,8 +58,10 @@ func resourceArmPolicySetDefinition() *schema.Resource {
 				Required: true,
 				ForceNew: true,
 				ValidateFunc: validation.StringInSlice([]string{
-					string(policy.TypeBuiltIn),
-					string(policy.TypeCustom),
+					string(policy.BuiltIn),
+					string(policy.Custom),
+					string(policy.NotSpecified),
+					string(policy.Static),
 				}, false),
 			},
 
@@ -141,6 +143,14 @@ func policyDefinitionsDiffSuppressFunc(_, old, new string, _ *schema.ResourceDat
 		return false
 	}
 
+	for i := range newPolicyDefinitions {
+		newPolicyDefinitions[i].PolicyDefinitionReferenceID = nil
+	}
+
+	for i := range oldPolicyDefinitions {
+		oldPolicyDefinitions[i].PolicyDefinitionReferenceID = nil
+	}
+
 	return reflect.DeepEqual(oldPolicyDefinitions, newPolicyDefinitions)
 }
 
@@ -183,11 +193,11 @@ func resourceArmPolicySetDefinitionCreateUpdate(d *schema.ResourceData, meta int
 	}
 
 	if parametersString := d.Get("parameters").(string); parametersString != "" {
-		parameters, err := structure.ExpandJsonFromString(parametersString)
+		parameters, err := expandParameterDefinitionsValueFromString(parametersString)
 		if err != nil {
 			return fmt.Errorf("unable to expand parameters json: %s", err)
 		}
-		properties.Parameters = &parameters
+		properties.Parameters = parameters
 	}
 
 	if policyDefinitionsString := d.Get("policy_definitions").(string); policyDefinitionsString != "" {
@@ -288,9 +298,8 @@ func resourceArmPolicySetDefinitionRead(d *schema.ResourceData, meta interface{}
 			d.Set("metadata", metadataStr)
 		}
 
-		if parameters := props.Parameters; parameters != nil {
-			paramsVal := parameters.(map[string]interface{})
-			parametersStr, err := structure.FlattenJsonToString(paramsVal)
+		if props.Parameters != nil {
+			parametersStr, err := flattenParameterDefintionsValueToString(props.Parameters)
 			if err != nil {
 				return fmt.Errorf("unable to flatten JSON for `parameters`: %s", err)
 			}
diff --git a/azurerm/internal/services/policy/tests/policy_remediation_resource_test.go b/azurerm/internal/services/policy/tests/policy_remediation_resource_test.go
index d038a7c69a7d..436eea38b681 100644
--- a/azurerm/internal/services/policy/tests/policy_remediation_resource_test.go
+++ b/azurerm/internal/services/policy/tests/policy_remediation_resource_test.go
@@ -226,7 +226,7 @@ provider "azurerm" {
 data "azurerm_subscription" "current" {}
 
 resource "azurerm_policy_definition" "test" {
-  name         = "acctestDef-%[1]d"
+  name         = "acctestDef-%[1]s"
   policy_type  = "Custom"
   mode         = "All"
   display_name = "my-policy-definition"
@@ -260,7 +260,7 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name                 = "acctestAssign-%[1]d"
+  name                 = "acctestAssign-%[1]s"
   scope                = data.azurerm_subscription.current.id
   policy_definition_id = azurerm_policy_definition.test.id
   description          = "Policy Assignment created via an Acceptance Test"
@@ -276,11 +276,11 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                 = "acctestremediation-%[1]d"
+  name                 = "acctestremediation-%[1]s"
   scope                = azurerm_policy_assignment.test.scope
   policy_assignment_id = azurerm_policy_assignment.test.id
 }
-`, data.RandomInteger)
+`, data.RandomString)
 }
 
 func testAccAzureRMPolicyRemediation_atSubscriptionWithDefinitionSet(data acceptance.TestData) string {
@@ -292,9 +292,9 @@ provider "azurerm" {
 data "azurerm_subscription" "current" {}
 
 resource "azurerm_policy_set_definition" "test" {
-  name         = "testPolicySet-%[1]d"
+  name         = "testPolicySet-%[1]s"
   policy_type  = "Custom"
-  display_name = "Test Policy Set"
+  display_name = "testPolicySet-%[1]s"
 
   parameters = <<PARAMETERS
     {
@@ -324,10 +324,10 @@ POLICY_DEFINITIONS
 }
 
 resource "azurerm_policy_definition" "test" {
-  name         = "acctestDef-%[1]d"
+  name         = "acctestDef-%[1]s"
   policy_type  = "Custom"
   mode         = "All"
-  display_name = "my-policy-definition"
+  display_name = "acctestDef-%[1]s"
 
   policy_rule = <<POLICY_RULE
     {
@@ -358,11 +358,11 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name                 = "acctestAssign-%[1]d"
+  name                 = "acctestAssign-%[1]s"
   scope                = data.azurerm_subscription.current.id
   policy_definition_id = azurerm_policy_set_definition.test.id
   description          = "Policy Assignment created via an Acceptance Test"
-  display_name         = "My Example Policy Assignment"
+  display_name         = "acctestAssign-%[1]s"
 
   parameters = <<PARAMETERS
 {
@@ -374,12 +374,12 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                           = "acctestremediation-%[1]d"
+  name                           = "acctestremediation-%[1]s"
   scope                          = azurerm_policy_assignment.test.scope
   policy_assignment_id           = azurerm_policy_assignment.test.id
   policy_definition_reference_id = azurerm_policy_definition.test.id
 }
-`, data.RandomInteger)
+`, data.RandomString)
 }
 
 func testAccAzureRMPolicyRemediation_atResourceGroup(data acceptance.TestData) string {
@@ -389,12 +389,12 @@ provider "azurerm" {
 }
 
 resource "azurerm_resource_group" "test" {
-  name     = "acctestRG-policy-%[1]d"
+  name     = "acctestRG-policy-%[1]s"
   location = "%[2]s"
 }
 
 resource "azurerm_policy_definition" "test" {
-  name         = "acctestDef-%[1]d"
+  name         = "acctestDef-%[1]s"
   policy_type  = "Custom"
   mode         = "All"
   display_name = "my-policy-definition"
@@ -428,11 +428,11 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name                 = "acctestAssign-%[1]d"
+  name                 = "acctestAssign-%[1]s"
   scope                = azurerm_resource_group.test.id
   policy_definition_id = azurerm_policy_definition.test.id
   description          = "Policy Assignment created via an Acceptance Test"
-  display_name         = "My Example Policy Assignment"
+  display_name         = "acctestAssign-%[1]s"
 
   parameters = <<PARAMETERS
 {
@@ -444,11 +444,11 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                 = "acctestremediation-%[1]d"
+  name                 = "acctestremediation-%[1]s"
   scope                = azurerm_policy_assignment.test.scope
   policy_assignment_id = azurerm_policy_assignment.test.id
 }
-`, data.RandomInteger, data.Locations.Primary)
+`, data.RandomString, data.Locations.Primary)
 }
 
 func testAccAzureRMPolicyRemediation_updateLocation(data acceptance.TestData) string {
@@ -458,12 +458,12 @@ provider "azurerm" {
 }
 
 resource "azurerm_resource_group" "test" {
-  name     = "acctestRG-policy-%[1]d"
+  name     = "acctestRG-policy-%[1]s"
   location = "%[2]s"
 }
 
 resource "azurerm_policy_definition" "test" {
-  name         = "acctestDef-%[1]d"
+  name         = "acctestDef-%[1]s"
   policy_type  = "Custom"
   mode         = "All"
   display_name = "my-policy-definition"
@@ -497,7 +497,7 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name                 = "acctestAssign-%[1]d"
+  name                 = "acctestAssign-%[1]s"
   scope                = azurerm_resource_group.test.id
   policy_definition_id = azurerm_policy_definition.test.id
   description          = "Policy Assignment created via an Acceptance Test"
@@ -513,12 +513,12 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                 = "acctestremediation-%[1]d"
+  name                 = "acctestremediation-%[1]s"
   scope                = azurerm_policy_assignment.test.scope
   policy_assignment_id = azurerm_policy_assignment.test.id
   location_filters     = ["westus"]
 }
-`, data.RandomInteger, data.Locations.Primary)
+`, data.RandomString, data.Locations.Primary)
 }
 
 func testAccAzureRMPolicyRemediation_requiresImport(data acceptance.TestData) string {
@@ -541,11 +541,11 @@ provider "azurerm" {
 }
 
 resource "azurerm_management_group" "test" {
-  display_name = "acctest-policy-%[1]d"
+  display_name = "acctest-policy-%[1]s"
 }
 
 resource "azurerm_policy_definition" "test" {
-  name                = "acctestDef-%[1]d"
+  name                = "acctestDef-%[1]s"
   policy_type         = "Custom"
   mode                = "All"
   display_name        = "my-policy-definition"
@@ -580,7 +580,7 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name = "acctestAssign-%[1]d"
+  name = "acctestAssign-%[1]s"
   #   scope                = azurerm_resource_group.test.id
   #   scope                = data.azurerm_subscription.current.id
   scope = azurerm_management_group.test.id
@@ -599,11 +599,11 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                 = "acctestremediation-%[1]d"
+  name                 = "acctestremediation-%[1]s"
   scope                = azurerm_policy_assignment.test.scope
   policy_assignment_id = azurerm_policy_assignment.test.id
 }
-`, data.RandomInteger)
+`, data.RandomString)
 }
 
 func testAccAzureRMPolicyRemediation_atResource(data acceptance.TestData) string {
@@ -613,26 +613,26 @@ provider "azurerm" {
 }
 
 resource "azurerm_resource_group" "test" {
-  name     = "acctestRG-policy-%[1]d"
+  name     = "acctestRG-policy-%[1]s"
   location = "%[2]s"
 }
 
 resource "azurerm_virtual_network" "test" {
-  name                = "acctest-network-%[1]d"
+  name                = "acctest-network-%[1]s"
   address_space       = ["10.0.0.0/16"]
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
 }
 
 resource "azurerm_subnet" "test" {
-  name                 = "acctestsubnet%[1]d"
+  name                 = "acctestsubnet%[1]s"
   resource_group_name  = azurerm_resource_group.test.name
   virtual_network_name = azurerm_virtual_network.test.name
   address_prefix       = "10.0.2.0/24"
 }
 
 resource "azurerm_network_interface" "test" {
-  name                = "acctestnic-%[1]d"
+  name                = "acctestnic-%[1]s"
   location            = azurerm_resource_group.test.location
   resource_group_name = azurerm_resource_group.test.name
 
@@ -644,7 +644,7 @@ resource "azurerm_network_interface" "test" {
 }
 
 resource "azurerm_linux_virtual_machine" "test" {
-  name                            = "acctest-vm-%[1]d"
+  name                            = "acctest-vm-%[1]s"
   resource_group_name             = azurerm_resource_group.test.name
   location                        = azurerm_resource_group.test.location
   size                            = "Standard_F2"
@@ -669,7 +669,7 @@ resource "azurerm_linux_virtual_machine" "test" {
 }
 
 resource "azurerm_policy_definition" "test" {
-  name         = "acctestDef-%[1]d"
+  name         = "acctestDef-%[1]s"
   policy_type  = "Custom"
   mode         = "All"
   display_name = "my-policy-definition"
@@ -703,7 +703,7 @@ PARAMETERS
 }
 
 resource "azurerm_policy_assignment" "test" {
-  name                 = "acctestAssign-%[1]d"
+  name                 = "acctestAssign-%[1]s"
   scope                = azurerm_linux_virtual_machine.test.id
   policy_definition_id = azurerm_policy_definition.test.id
   description          = "Policy Assignment created via an Acceptance Test"
@@ -719,9 +719,9 @@ PARAMETERS
 }
 
 resource "azurerm_policy_remediation" "test" {
-  name                 = "acctestremediation-%[1]d"
+  name                 = "acctestremediation-%[1]s"
   scope                = azurerm_policy_assignment.test.scope
   policy_assignment_id = azurerm_policy_assignment.test.id
 }
-`, data.RandomInteger, data.Locations.Primary)
+`, data.RandomString, data.Locations.Primary)
 }
diff --git a/azurerm/internal/services/policy/tests/policy_set_definition_resource_test.go b/azurerm/internal/services/policy/tests/policy_set_definition_resource_test.go
index bb76ea9bc00a..a233b0e602ad 100644
--- a/azurerm/internal/services/policy/tests/policy_set_definition_resource_test.go
+++ b/azurerm/internal/services/policy/tests/policy_set_definition_resource_test.go
@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/assignments.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/assignments.go
similarity index 88%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/assignments.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/assignments.go
index bcc18ef870a6..7621a9edf6f4 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/assignments.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/assignments.go
@@ -100,7 +100,7 @@ func (client AssignmentsClient) CreatePreparer(ctx context.Context, scope string
 		"scope":                scope,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -194,7 +194,7 @@ func (client AssignmentsClient) CreateByIDPreparer(ctx context.Context, policyAs
 		"policyAssignmentId": policyAssignmentID,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -280,7 +280,7 @@ func (client AssignmentsClient) DeletePreparer(ctx context.Context, scope string
 		"scope":                scope,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -360,7 +360,7 @@ func (client AssignmentsClient) DeleteByIDPreparer(ctx context.Context, policyAs
 		"policyAssignmentId": policyAssignmentID,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -439,7 +439,7 @@ func (client AssignmentsClient) GetPreparer(ctx context.Context, scope string, p
 		"scope":                scope,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -518,7 +518,7 @@ func (client AssignmentsClient) GetByIDPreparer(ctx context.Context, policyAssig
 		"policyAssignmentId": policyAssignmentID,
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -600,7 +600,7 @@ func (client AssignmentsClient) ListPreparer(ctx context.Context, filter string)
 		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -672,6 +672,126 @@ func (client AssignmentsClient) ListComplete(ctx context.Context, filter string)
 	return
 }
 
+// ListForManagementGroup this operation retrieves the list of all policy assignments applicable to the management
+// group that match the given $filter. Valid values for $filter are: 'atScope()' or 'policyDefinitionId eq '{value}''.
+// If $filter=atScope() is provided, the returned list includes all policy assignments that are assigned to the
+// management group or the management group's ancestors. If $filter=policyDefinitionId eq '{value}' is provided, the
+// returned list includes all policy assignments of the policy definition whose id is {value} that apply to the
+// management group.
+// Parameters:
+// managementGroupID - the ID of the management group.
+// filter - the filter to apply on the operation. Valid values for $filter are: 'atScope()' or
+// 'policyDefinitionId eq '{value}''. A filter is required when listing policy assignments at management group
+// scope.
+func (client AssignmentsClient) ListForManagementGroup(ctx context.Context, managementGroupID string, filter string) (result AssignmentListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/AssignmentsClient.ListForManagementGroup")
+		defer func() {
+			sc := -1
+			if result.alr.Response.Response != nil {
+				sc = result.alr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listForManagementGroupNextResults
+	req, err := client.ListForManagementGroupPreparer(ctx, managementGroupID, filter)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForManagementGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListForManagementGroupSender(req)
+	if err != nil {
+		result.alr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForManagementGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.alr, err = client.ListForManagementGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "ListForManagementGroup", resp, "Failure responding to request")
+	}
+
+	return
+}
+
+// ListForManagementGroupPreparer prepares the ListForManagementGroup request.
+func (client AssignmentsClient) ListForManagementGroupPreparer(ctx context.Context, managementGroupID string, filter string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"managementGroupId": autorest.Encode("path", managementGroupID),
+	}
+
+	const APIVersion = "2019-09-01"
+	queryParameters := map[string]interface{}{
+		"$filter":     filter,
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/providers/Microsoft.Management/managementgroups/{managementGroupId}/providers/Microsoft.Authorization/policyAssignments", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListForManagementGroupSender sends the ListForManagementGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client AssignmentsClient) ListForManagementGroupSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, autorest.DoRetryForStatusCodes(client.RetryAttempts, client.RetryDuration, autorest.StatusCodesForRetry...))
+}
+
+// ListForManagementGroupResponder handles the response to the ListForManagementGroup request. The method always
+// closes the http.Response Body.
+func (client AssignmentsClient) ListForManagementGroupResponder(resp *http.Response) (result AssignmentListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		client.ByInspecting(),
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listForManagementGroupNextResults retrieves the next set of results, if any.
+func (client AssignmentsClient) listForManagementGroupNextResults(ctx context.Context, lastResults AssignmentListResult) (result AssignmentListResult, err error) {
+	req, err := lastResults.assignmentListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForManagementGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListForManagementGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForManagementGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListForManagementGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "policy.AssignmentsClient", "listForManagementGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListForManagementGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client AssignmentsClient) ListForManagementGroupComplete(ctx context.Context, managementGroupID string, filter string) (result AssignmentListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/AssignmentsClient.ListForManagementGroup")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListForManagementGroup(ctx, managementGroupID, filter)
+	return
+}
+
 // ListForResource this operation retrieves the list of all policy assignments associated with the specified resource
 // in the given resource group and subscription that match the optional given $filter. Valid values for $filter are:
 // 'atScope()' or 'policyDefinitionId eq '{value}''. If $filter is not provided, the unfiltered list includes all
@@ -752,7 +872,7 @@ func (client AssignmentsClient) ListForResourcePreparer(ctx context.Context, res
 		"subscriptionId":            autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -885,7 +1005,7 @@ func (client AssignmentsClient) ListForResourceGroupPreparer(ctx context.Context
 		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/client.go
similarity index 99%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/client.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/client.go
index 4719a640da54..396687cac191 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/client.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/client.go
@@ -1,4 +1,4 @@
-// Package policy implements the Azure ARM Policy service API version 2018-05-01.
+// Package policy implements the Azure ARM Policy service API version 2019-09-01.
 //
 // To manage and control access to your resources, you can define customized policies and assign them at a scope.
 package policy
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/definitions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/definitions.go
similarity index 99%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/definitions.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/definitions.go
index 8f073587e3f1..febd295f2e6d 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/definitions.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/definitions.go
@@ -85,7 +85,7 @@ func (client DefinitionsClient) CreateOrUpdatePreparer(ctx context.Context, poli
 		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -167,7 +167,7 @@ func (client DefinitionsClient) CreateOrUpdateAtManagementGroupPreparer(ctx cont
 		"policyDefinitionName": autorest.Encode("path", policyDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -246,7 +246,7 @@ func (client DefinitionsClient) DeletePreparer(ctx context.Context, policyDefini
 		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -321,7 +321,7 @@ func (client DefinitionsClient) DeleteAtManagementGroupPreparer(ctx context.Cont
 		"policyDefinitionName": autorest.Encode("path", policyDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -394,7 +394,7 @@ func (client DefinitionsClient) GetPreparer(ctx context.Context, policyDefinitio
 		"subscriptionId":       autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -470,7 +470,7 @@ func (client DefinitionsClient) GetAtManagementGroupPreparer(ctx context.Context
 		"policyDefinitionName": autorest.Encode("path", policyDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -543,7 +543,7 @@ func (client DefinitionsClient) GetBuiltInPreparer(ctx context.Context, policyDe
 		"policyDefinitionName": autorest.Encode("path", policyDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -615,7 +615,7 @@ func (client DefinitionsClient) ListPreparer(ctx context.Context) (*http.Request
 		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -720,7 +720,7 @@ func (client DefinitionsClient) ListBuiltIn(ctx context.Context) (result Definit
 
 // ListBuiltInPreparer prepares the ListBuiltIn request.
 func (client DefinitionsClient) ListBuiltInPreparer(ctx context.Context) (*http.Request, error) {
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -831,7 +831,7 @@ func (client DefinitionsClient) ListByManagementGroupPreparer(ctx context.Contex
 		"managementGroupId": autorest.Encode("path", managementGroupID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/models.go
similarity index 70%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/models.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/models.go
index 52394c996172..826df3d63647 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/models.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/models.go
@@ -27,32 +27,56 @@ import (
 )
 
 // The package's fully qualified name.
-const fqdn = "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy"
+const fqdn = "github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy"
 
-// Mode enumerates the values for mode.
-type Mode string
+// EnforcementMode enumerates the values for enforcement mode.
+type EnforcementMode string
 
 const (
-	// All ...
-	All Mode = "All"
-	// Indexed ...
-	Indexed Mode = "Indexed"
-	// NotSpecified ...
-	NotSpecified Mode = "NotSpecified"
+	// Default The policy effect is enforced during resource creation or update.
+	Default EnforcementMode = "Default"
+	// DoNotEnforce The policy effect is not enforced during resource creation or update.
+	DoNotEnforce EnforcementMode = "DoNotEnforce"
+)
+
+// PossibleEnforcementModeValues returns an array of possible values for the EnforcementMode const type.
+func PossibleEnforcementModeValues() []EnforcementMode {
+	return []EnforcementMode{Default, DoNotEnforce}
+}
+
+// ParameterType enumerates the values for parameter type.
+type ParameterType string
+
+const (
+	// Array ...
+	Array ParameterType = "Array"
+	// Boolean ...
+	Boolean ParameterType = "Boolean"
+	// DateTime ...
+	DateTime ParameterType = "DateTime"
+	// Float ...
+	Float ParameterType = "Float"
+	// Integer ...
+	Integer ParameterType = "Integer"
+	// Object ...
+	Object ParameterType = "Object"
+	// String ...
+	String ParameterType = "String"
 )
 
-// PossibleModeValues returns an array of possible values for the Mode const type.
-func PossibleModeValues() []Mode {
-	return []Mode{All, Indexed, NotSpecified}
+// PossibleParameterTypeValues returns an array of possible values for the ParameterType const type.
+func PossibleParameterTypeValues() []ParameterType {
+	return []ParameterType{Array, Boolean, DateTime, Float, Integer, Object, String}
 }
 
 // ResourceIdentityType enumerates the values for resource identity type.
 type ResourceIdentityType string
 
 const (
-	// None ...
+	// None Indicates that no identity is associated with the resource or that the existing identity should be
+	// removed.
 	None ResourceIdentityType = "None"
-	// SystemAssigned ...
+	// SystemAssigned Indicates that a system assigned identity is associated with the resource.
 	SystemAssigned ResourceIdentityType = "SystemAssigned"
 )
 
@@ -65,17 +89,19 @@ func PossibleResourceIdentityTypeValues() []ResourceIdentityType {
 type Type string
 
 const (
-	// TypeBuiltIn ...
-	TypeBuiltIn Type = "BuiltIn"
-	// TypeCustom ...
-	TypeCustom Type = "Custom"
-	// TypeNotSpecified ...
-	TypeNotSpecified Type = "NotSpecified"
+	// BuiltIn ...
+	BuiltIn Type = "BuiltIn"
+	// Custom ...
+	Custom Type = "Custom"
+	// NotSpecified ...
+	NotSpecified Type = "NotSpecified"
+	// Static ...
+	Static Type = "Static"
 )
 
 // PossibleTypeValues returns an array of possible values for the Type const type.
 func PossibleTypeValues() []Type {
-	return []Type{TypeBuiltIn, TypeCustom, TypeNotSpecified}
+	return []Type{BuiltIn, Custom, NotSpecified, Static}
 }
 
 // Assignment the policy assignment.
@@ -349,12 +375,49 @@ type AssignmentProperties struct {
 	Scope *string `json:"scope,omitempty"`
 	// NotScopes - The policy's excluded scopes.
 	NotScopes *[]string `json:"notScopes,omitempty"`
-	// Parameters - Required if a parameter is used in policy rule.
-	Parameters interface{} `json:"parameters,omitempty"`
+	// Parameters - The parameter values for the assigned policy rule. The keys are the parameter names.
+	Parameters map[string]*ParameterValuesValue `json:"parameters"`
 	// Description - This message will be part of response in case of policy violation.
 	Description *string `json:"description,omitempty"`
-	// Metadata - The policy assignment metadata.
+	// Metadata - The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs.
 	Metadata interface{} `json:"metadata,omitempty"`
+	// EnforcementMode - The policy assignment enforcement mode. Possible values are Default and DoNotEnforce. Possible values include: 'Default', 'DoNotEnforce'
+	EnforcementMode EnforcementMode `json:"enforcementMode,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for AssignmentProperties.
+func (ap AssignmentProperties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if ap.DisplayName != nil {
+		objectMap["displayName"] = ap.DisplayName
+	}
+	if ap.PolicyDefinitionID != nil {
+		objectMap["policyDefinitionId"] = ap.PolicyDefinitionID
+	}
+	if ap.Scope != nil {
+		objectMap["scope"] = ap.Scope
+	}
+	if ap.NotScopes != nil {
+		objectMap["notScopes"] = ap.NotScopes
+	}
+	if ap.Parameters != nil {
+		objectMap["parameters"] = ap.Parameters
+	}
+	if ap.Description != nil {
+		objectMap["description"] = ap.Description
+	}
+	if ap.Metadata != nil {
+		objectMap["metadata"] = ap.Metadata
+	}
+	if ap.EnforcementMode != "" {
+		objectMap["enforcementMode"] = ap.EnforcementMode
+	}
+	return json.Marshal(objectMap)
+}
+
+// CloudError an error response from a policy operation.
+type CloudError struct {
+	Error *ErrorResponse `json:"error,omitempty"`
 }
 
 // Definition the policy definition.
@@ -430,6 +493,20 @@ func (d *Definition) UnmarshalJSON(body []byte) error {
 	return nil
 }
 
+// DefinitionGroup the policy definition group.
+type DefinitionGroup struct {
+	// Name - The name of the group.
+	Name *string `json:"name,omitempty"`
+	// DisplayName - The group's display name.
+	DisplayName *string `json:"displayName,omitempty"`
+	// Category - The group's category.
+	Category *string `json:"category,omitempty"`
+	// Description - The group's description.
+	Description *string `json:"description,omitempty"`
+	// AdditionalMetadataID - A resource ID of a resource that contains additional metadata about the group.
+	AdditionalMetadataID *string `json:"additionalMetadataId,omitempty"`
+}
+
 // DefinitionListResult list of policy definitions.
 type DefinitionListResult struct {
 	autorest.Response `json:"-"`
@@ -578,39 +655,99 @@ func NewDefinitionListResultPage(getNextPage func(context.Context, DefinitionLis
 
 // DefinitionProperties the policy definition properties.
 type DefinitionProperties struct {
-	// PolicyType - The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. Possible values include: 'TypeNotSpecified', 'TypeBuiltIn', 'TypeCustom'
+	// PolicyType - The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Possible values include: 'NotSpecified', 'BuiltIn', 'Custom', 'Static'
 	PolicyType Type `json:"policyType,omitempty"`
-	// Mode - The policy definition mode. Possible values are NotSpecified, Indexed, and All. Possible values include: 'NotSpecified', 'Indexed', 'All'
-	Mode Mode `json:"mode,omitempty"`
+	// Mode - The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.
+	Mode *string `json:"mode,omitempty"`
 	// DisplayName - The display name of the policy definition.
 	DisplayName *string `json:"displayName,omitempty"`
 	// Description - The policy definition description.
 	Description *string `json:"description,omitempty"`
 	// PolicyRule - The policy rule.
 	PolicyRule interface{} `json:"policyRule,omitempty"`
-	// Metadata - The policy definition metadata.
+	// Metadata - The policy definition metadata.  Metadata is an open ended object and is typically a collection of key value pairs.
 	Metadata interface{} `json:"metadata,omitempty"`
-	// Parameters - Required if a parameter is used in policy rule.
-	Parameters interface{} `json:"parameters,omitempty"`
+	// Parameters - The parameter definitions for parameters used in the policy rule. The keys are the parameter names.
+	Parameters map[string]*ParameterDefinitionsValue `json:"parameters"`
+}
+
+// MarshalJSON is the custom marshaler for DefinitionProperties.
+func (dp DefinitionProperties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if dp.PolicyType != "" {
+		objectMap["policyType"] = dp.PolicyType
+	}
+	if dp.Mode != nil {
+		objectMap["mode"] = dp.Mode
+	}
+	if dp.DisplayName != nil {
+		objectMap["displayName"] = dp.DisplayName
+	}
+	if dp.Description != nil {
+		objectMap["description"] = dp.Description
+	}
+	if dp.PolicyRule != nil {
+		objectMap["policyRule"] = dp.PolicyRule
+	}
+	if dp.Metadata != nil {
+		objectMap["metadata"] = dp.Metadata
+	}
+	if dp.Parameters != nil {
+		objectMap["parameters"] = dp.Parameters
+	}
+	return json.Marshal(objectMap)
 }
 
 // DefinitionReference the policy definition reference.
 type DefinitionReference struct {
 	// PolicyDefinitionID - The ID of the policy definition or policy set definition.
 	PolicyDefinitionID *string `json:"policyDefinitionId,omitempty"`
-	// Parameters - Required if a parameter is used in policy rule.
-	Parameters interface{} `json:"parameters,omitempty"`
+	// Parameters - The parameter values for the referenced policy rule. The keys are the parameter names.
+	Parameters map[string]*ParameterValuesValue `json:"parameters"`
+	// PolicyDefinitionReferenceID - A unique id (within the policy set definition) for this policy definition reference.
+	PolicyDefinitionReferenceID *string `json:"policyDefinitionReferenceId,omitempty"`
+	// GroupNames - The name of the groups that this policy definition reference belongs to.
+	GroupNames *[]string `json:"groupNames,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for DefinitionReference.
+func (dr DefinitionReference) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if dr.PolicyDefinitionID != nil {
+		objectMap["policyDefinitionId"] = dr.PolicyDefinitionID
+	}
+	if dr.Parameters != nil {
+		objectMap["parameters"] = dr.Parameters
+	}
+	if dr.PolicyDefinitionReferenceID != nil {
+		objectMap["policyDefinitionReferenceId"] = dr.PolicyDefinitionReferenceID
+	}
+	if dr.GroupNames != nil {
+		objectMap["groupNames"] = dr.GroupNames
+	}
+	return json.Marshal(objectMap)
 }
 
-// ErrorResponse error response indicates Azure Resource Manager is not able to process the incoming
-// request. The reason is provided in the error message.
+// ErrorAdditionalInfo the resource management error additional info.
+type ErrorAdditionalInfo struct {
+	// Type - READ-ONLY; The additional info type.
+	Type *string `json:"type,omitempty"`
+	// Info - READ-ONLY; The additional info.
+	Info interface{} `json:"info,omitempty"`
+}
+
+// ErrorResponse the resource management error response.
 type ErrorResponse struct {
-	// HTTPStatus - Http status code.
-	HTTPStatus *string `json:"httpStatus,omitempty"`
-	// ErrorCode - Error code.
-	ErrorCode *string `json:"errorCode,omitempty"`
-	// ErrorMessage - Error message indicating why the operation failed.
-	ErrorMessage *string `json:"errorMessage,omitempty"`
+	// Code - READ-ONLY; The error code.
+	Code *string `json:"code,omitempty"`
+	// Message - READ-ONLY; The error message.
+	Message *string `json:"message,omitempty"`
+	// Target - READ-ONLY; The error target.
+	Target *string `json:"target,omitempty"`
+	// Details - READ-ONLY; The error details.
+	Details *[]ErrorResponse `json:"details,omitempty"`
+	// AdditionalInfo - READ-ONLY; The error additional info.
+	AdditionalInfo *[]ErrorAdditionalInfo `json:"additionalInfo,omitempty"`
 }
 
 // Identity identity for the resource.
@@ -619,10 +756,98 @@ type Identity struct {
 	PrincipalID *string `json:"principalId,omitempty"`
 	// TenantID - READ-ONLY; The tenant ID of the resource identity.
 	TenantID *string `json:"tenantId,omitempty"`
-	// Type - The identity type. Possible values include: 'SystemAssigned', 'None'
+	// Type - The identity type. This is the only required field when adding a system assigned identity to a resource. Possible values include: 'SystemAssigned', 'None'
 	Type ResourceIdentityType `json:"type,omitempty"`
 }
 
+// ParameterDefinitionsValue the definition of a parameter that can be provided to the policy.
+type ParameterDefinitionsValue struct {
+	// Type - The data type of the parameter. Possible values include: 'String', 'Array', 'Object', 'Boolean', 'Integer', 'Float', 'DateTime'
+	Type ParameterType `json:"type,omitempty"`
+	// AllowedValues - The allowed values for the parameter.
+	AllowedValues *[]interface{} `json:"allowedValues,omitempty"`
+	// DefaultValue - The default value for the parameter if no value is provided.
+	DefaultValue interface{} `json:"defaultValue,omitempty"`
+	// Metadata - General metadata for the parameter.
+	Metadata *ParameterDefinitionsValueMetadata `json:"metadata,omitempty"`
+}
+
+// ParameterDefinitionsValueMetadata general metadata for the parameter.
+type ParameterDefinitionsValueMetadata struct {
+	// AdditionalProperties - Unmatched properties from the message are deserialized this collection
+	AdditionalProperties map[string]interface{} `json:""`
+	// DisplayName - The display name for the parameter.
+	DisplayName *string `json:"displayName,omitempty"`
+	// Description - The description of the parameter.
+	Description *string `json:"description,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for ParameterDefinitionsValueMetadata.
+func (pdv ParameterDefinitionsValueMetadata) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if pdv.DisplayName != nil {
+		objectMap["displayName"] = pdv.DisplayName
+	}
+	if pdv.Description != nil {
+		objectMap["description"] = pdv.Description
+	}
+	for k, v := range pdv.AdditionalProperties {
+		objectMap[k] = v
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for ParameterDefinitionsValueMetadata struct.
+func (pdv *ParameterDefinitionsValueMetadata) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		default:
+			if v != nil {
+				var additionalProperties interface{}
+				err = json.Unmarshal(*v, &additionalProperties)
+				if err != nil {
+					return err
+				}
+				if pdv.AdditionalProperties == nil {
+					pdv.AdditionalProperties = make(map[string]interface{})
+				}
+				pdv.AdditionalProperties[k] = additionalProperties
+			}
+		case "displayName":
+			if v != nil {
+				var displayName string
+				err = json.Unmarshal(*v, &displayName)
+				if err != nil {
+					return err
+				}
+				pdv.DisplayName = &displayName
+			}
+		case "description":
+			if v != nil {
+				var description string
+				err = json.Unmarshal(*v, &description)
+				if err != nil {
+					return err
+				}
+				pdv.Description = &description
+			}
+		}
+	}
+
+	return nil
+}
+
+// ParameterValuesValue the value of a parameter.
+type ParameterValuesValue struct {
+	// Value - The value of the parameter.
+	Value interface{} `json:"value,omitempty"`
+}
+
 // SetDefinition the policy set definition.
 type SetDefinition struct {
 	autorest.Response `json:"-"`
@@ -844,18 +1069,47 @@ func NewSetDefinitionListResultPage(getNextPage func(context.Context, SetDefinit
 
 // SetDefinitionProperties the policy set definition properties.
 type SetDefinitionProperties struct {
-	// PolicyType - The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom. Possible values include: 'TypeNotSpecified', 'TypeBuiltIn', 'TypeCustom'
+	// PolicyType - The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static. Possible values include: 'NotSpecified', 'BuiltIn', 'Custom', 'Static'
 	PolicyType Type `json:"policyType,omitempty"`
 	// DisplayName - The display name of the policy set definition.
 	DisplayName *string `json:"displayName,omitempty"`
 	// Description - The policy set definition description.
 	Description *string `json:"description,omitempty"`
-	// Metadata - The policy set definition metadata.
+	// Metadata - The policy set definition metadata.  Metadata is an open ended object and is typically a collection of key value pairs.
 	Metadata interface{} `json:"metadata,omitempty"`
 	// Parameters - The policy set definition parameters that can be used in policy definition references.
-	Parameters interface{} `json:"parameters,omitempty"`
+	Parameters map[string]*ParameterDefinitionsValue `json:"parameters"`
 	// PolicyDefinitions - An array of policy definition references.
 	PolicyDefinitions *[]DefinitionReference `json:"policyDefinitions,omitempty"`
+	// PolicyDefinitionGroups - The metadata describing groups of policy definition references within the policy set definition.
+	PolicyDefinitionGroups *[]DefinitionGroup `json:"policyDefinitionGroups,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for SetDefinitionProperties.
+func (sdp SetDefinitionProperties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if sdp.PolicyType != "" {
+		objectMap["policyType"] = sdp.PolicyType
+	}
+	if sdp.DisplayName != nil {
+		objectMap["displayName"] = sdp.DisplayName
+	}
+	if sdp.Description != nil {
+		objectMap["description"] = sdp.Description
+	}
+	if sdp.Metadata != nil {
+		objectMap["metadata"] = sdp.Metadata
+	}
+	if sdp.Parameters != nil {
+		objectMap["parameters"] = sdp.Parameters
+	}
+	if sdp.PolicyDefinitions != nil {
+		objectMap["policyDefinitions"] = sdp.PolicyDefinitions
+	}
+	if sdp.PolicyDefinitionGroups != nil {
+		objectMap["policyDefinitionGroups"] = sdp.PolicyDefinitionGroups
+	}
+	return json.Marshal(objectMap)
 }
 
 // Sku the policy sku. This property is optional, obsolete, and will be ignored.
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/setdefinitions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/setdefinitions.go
similarity index 99%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/setdefinitions.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/setdefinitions.go
index b4a49d8126cf..71b4a2fa17fa 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/setdefinitions.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/setdefinitions.go
@@ -94,7 +94,7 @@ func (client SetDefinitionsClient) CreateOrUpdatePreparer(ctx context.Context, p
 		"subscriptionId":          autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -183,7 +183,7 @@ func (client SetDefinitionsClient) CreateOrUpdateAtManagementGroupPreparer(ctx c
 		"policySetDefinitionName": autorest.Encode("path", policySetDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -262,7 +262,7 @@ func (client SetDefinitionsClient) DeletePreparer(ctx context.Context, policySet
 		"subscriptionId":          autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -337,7 +337,7 @@ func (client SetDefinitionsClient) DeleteAtManagementGroupPreparer(ctx context.C
 		"policySetDefinitionName": autorest.Encode("path", policySetDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -410,7 +410,7 @@ func (client SetDefinitionsClient) GetPreparer(ctx context.Context, policySetDef
 		"subscriptionId":          autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -486,7 +486,7 @@ func (client SetDefinitionsClient) GetAtManagementGroupPreparer(ctx context.Cont
 		"policySetDefinitionName": autorest.Encode("path", policySetDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -559,7 +559,7 @@ func (client SetDefinitionsClient) GetBuiltInPreparer(ctx context.Context, polic
 		"policySetDefinitionName": autorest.Encode("path", policySetDefinitionName),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -631,7 +631,7 @@ func (client SetDefinitionsClient) ListPreparer(ctx context.Context) (*http.Requ
 		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -736,7 +736,7 @@ func (client SetDefinitionsClient) ListBuiltIn(ctx context.Context) (result SetD
 
 // ListBuiltInPreparer prepares the ListBuiltIn request.
 func (client SetDefinitionsClient) ListBuiltInPreparer(ctx context.Context) (*http.Request, error) {
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
@@ -848,7 +848,7 @@ func (client SetDefinitionsClient) ListByManagementGroupPreparer(ctx context.Con
 		"managementGroupId": autorest.Encode("path", managementGroupID),
 	}
 
-	const APIVersion = "2018-05-01"
+	const APIVersion = "2019-09-01"
 	queryParameters := map[string]interface{}{
 		"api-version": APIVersion,
 	}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/version.go
similarity index 94%
rename from vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/version.go
rename to vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/version.go
index 6e7d3290a4b4..bddb0ca3fd46 100644
--- a/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy/version.go
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy/version.go
@@ -21,7 +21,7 @@ import "github.com/Azure/azure-sdk-for-go/version"
 
 // UserAgent returns the UserAgent string to use when sending http.Requests.
 func UserAgent() string {
-	return "Azure-SDK-For-Go/" + Version() + " policy/2018-05-01"
+	return "Azure-SDK-For-Go/" + Version() + " policy/2019-09-01"
 }
 
 // Version returns the semantic version (see http://semver.org) of the client.
diff --git a/vendor/modules.txt b/vendor/modules.txt
index a17a03465fda..c6ad858fd9de 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -86,10 +86,10 @@ github.com/Azure/azure-sdk-for-go/services/redis/mgmt/2018-03-01/redis
 github.com/Azure/azure-sdk-for-go/services/relay/mgmt/2017-04-01/relay
 github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-02-01/resources
 github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-09-01/locks
-github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/policy
 github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-05-01/resources
 github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2018-06-01/subscriptions
 github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-07-01/managedapplications
+github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2019-09-01/policy
 github.com/Azure/azure-sdk-for-go/services/search/mgmt/2015-08-19/search
 github.com/Azure/azure-sdk-for-go/services/servicebus/mgmt/2017-04-01/servicebus
 github.com/Azure/azure-sdk-for-go/services/servicefabric/mgmt/2018-02-01/servicefabric