Fatal编程技术网
  • terraform/
  • Terraform 错误:创建AWSConfig规则时出错:未能创建AWSConfig规则:InvalidParameterValueException

Terraform 错误:创建AWSConfig规则时出错:未能创建AWSConfig规则:InvalidParameterValueException

terraform

Terraform 错误:创建AWSConfig规则时出错:未能创建AWSConfig规则:InvalidParameterValueException,terraform,aws-config,Terraform,Aws Config,我试图添加一个aws\u config\u config\u规则资源,其中包含一组input\u参数,但我一直得到 Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: Unknown parameters provided in the inputParameters: {"targetBucket":"mybuc

我试图添加一个
aws\u config\u config\u规则
资源,其中包含一组
input\u参数
,但我一直得到

Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: Unknown parameters provided in the inputParameters: {"targetBucket":"mybucket"}.
我想我可以使用jsonencode函数。我遇到了一个github问题:,但它与我所经历的不同。任何帮助都将不胜感激。

我为该规则使用了错误的输入参数。这很有效

# Ensures that the S3 bucket used by CloudTrail is not publicly accessible
resource aws_config_config_rule cloudtrail-s3-bucket-not-publicy-accessible {
    name = "cloudtrail-s3-bucket-not-publicy-accessible"
    description = "Checks whether the required public access block settings are configured from account level. The rule is only NON_COMPLIANT when the fields set below do not match the corresponding fields in the configuration item."

    source {
        owner   = "AWS"
        source_identifier = "S3_ACCOUNT_LEVEL_PUBLIC_ACCESS_BLOCKS"
    }

    scope {
        compliance_resource_id = aws_s3_bucket.mybucket.id
        compliance_resource_types = ["AWS::S3::Bucket"]
    }
    input_parameters =  "{\"IgnorePublicAcls\":\"True\",\"BlockPublicPolicy\":\"True\",\"BlockPublicAcls\":\"True\",\"RestrictPublicBuckets\":\"True\"}"
}

# Ensures that the S3 bucket used by CloudTrail is not publicly accessible
resource aws_config_config_rule cloudtrail-s3-bucket-not-publicy-accessible {
    name = "cloudtrail-s3-bucket-not-publicy-accessible"
    description = "Checks whether the required public access block settings are configured from account level. The rule is only NON_COMPLIANT when the fields set below do not match the corresponding fields in the configuration item."

    source {
        owner   = "AWS"
        source_identifier = "S3_ACCOUNT_LEVEL_PUBLIC_ACCESS_BLOCKS"
    }

    scope {
        compliance_resource_id = aws_s3_bucket.mybucket.id
        compliance_resource_types = ["AWS::S3::Bucket"]
    }
    input_parameters =  "{\"IgnorePublicAcls\":\"True\",\"BlockPublicPolicy\":\"True\",\"BlockPublicAcls\":\"True\",\"RestrictPublicBuckets\":\"True\"}"
}