Search code examples
amazon-web-servicesterraformgrafana

Deploy AWS Grafana with Terraform

trying to create a aws grafana in a non root account using terraform

I have the below code to get started:

resource "aws_grafana_workspace" "org" {
  account_access_type      = "ORGANIZATION"
  organizational_units     = ["xxxxxxxx"]
  authentication_providers = ["AWS_SSO"]
  permission_type          = "CUSTOMER_MANAGED"
  data_sources             = ["AMAZON_OPENSEARCH_SERVICE", "ATHENA", "CLOUDWATCH", "PROMETHEUS", "REDSHIFT", "SITEWISE", "TIMESTREAM", "XRAY"]
  role_arn                 = aws_iam_role.grafana.arn
  configuration = jsonencode({
    "name" : "organizational-grafana",
    "grafana_version" : 9.4,
    "vpc_configuration" : {
      "security_group_ids" : [aws_security_group.grafana.id],
      "subnet_ids" : data.aws_subnets.private.ids
    }
  })
}

but get the error:

 Error: creating Grafana Workspace: ValidationException: The JSON provided in the configuration property {} is invalid for the grafanaVersion {}.
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "f6a931c7-5386-4f3e-a4d3-e441cca0d44c"
│   },
│   Message_: "The JSON provided in the configuration property {} is invalid for the grafanaVersion {}."
│ }

Ive tried putting the 9.4 as "9.4" using grafanaVersion instead of grafana_verison, and removing it all together. I still always get the same error.

any ideas how to get it this deploying?

Solution

  • Follow this : https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/grafana_workspace

    grafana_version is an arguments so It should be (its not in configuration function):

    resource "aws_grafana_workspace" "org" {
  account_access_type      = "ORGANIZATION"
  organizational_units     = ["xxxxxxxx"]
  authentication_providers = ["AWS_SSO"]
  permission_type          = "CUSTOMER_MANAGED"
  data_sources             = ["AMAZON_OPENSEARCH_SERVICE", "ATHENA", "CLOUDWATCH", "PROMETHEUS", "REDSHIFT", "SITEWISE", "TIMESTREAM", "XRAY"]
  role_arn                 = aws_iam_role.grafana.arn
  grafana_version          = "9.4"
  configuration = jsonencode({
    "name" : "organizational-grafana",
    
    "vpc_configuration" : {
      "security_group_ids" : [aws_security_group.grafana.id],
      "subnet_ids" : data.aws_subnets.private.ids
    }
  })
}

    And I think vpc_configuration is not in configuration function as well.