Using Terraform to set up multiple Tags for AWS Config using approved-amis-by-tag


I have a problem understanding how to add multiple tags into AWS Config for the config rule approved-amis-by-tag using Terraform.

This is my setup:

    # AWS Config Rule that checks if the AMIs used are in the list of compliant AMIs
    resource "aws_config_organization_managed_rule" "approved-amis-by-tag" {

      depends_on = [
        aws_config_configuration_recorder.config_recorder
      ]

      name            = "approved-amis-by-tag"
      rule_identifier = "APPROVED_AMIS_BY_TAG"

      input_parameters = <<EOF
    {
      "amisByTagKeyAndValue": {
        "approvedAmiLinux": "amazonLinux",
        "approvedAmiLinux2": "amazonLinux2",
        "approvedAmiUbuntu20.04": "Ubuntu20.04",
        "approvedAmiUbuntu22.04": "Ubuntu22.04"
      }
    }
    EOF

      timeouts {
        create = "10m"
        delete = "10m"
        update = "10m"
      }
    }

When I run this using terraform -plan it works as expected. As soon as I try to deploy it to AWS using terraform apply, I get the following error message:

    Error: error creating Config Organization Managed Rule (approved-amis-by-tag): InvalidParameterValueException: Blank spaces are not acceptable for input parameter: amisByTagKeyAndValue.
    │
    │   with aws_config_organization_managed_rule.approved-amis-by-tag,
    │   on 07_config.tf line 102, in resource "aws_config_organization_managed_rule" "approved-amis-by-tag":
    │  102: resource "aws_config_organization_managed_rule" "approved-amis-by-tag" {

How do I need to formulate "amisByTagKeyAndValue" so that this works fine?


Solution

  • This is most likely due to an issue with the JSON formatting in your string. This would be more easily and confidently accomplished with jsonencode:

    input_parameters = jsonencode({
      "amisByTagKeyAndValue" = {
        "approvedAmiLinux"       = "amazonLinux",
        "approvedAmiLinux2"      = "amazonLinux2",
        "approvedAmiUbuntu20.04" = "Ubuntu20.04",
        "approvedAmiUbuntu22.04" = "Ubuntu22.04"
      }
    })