Invalid value for "str" parameter: string required.
jonclyde opened this issue · comments
Reporting issue whereby I recieve error "Invalid value for "str" parameter: string required." whenever trying to create a initiative with built-in policies included.
Data sources
data "azurerm_policy_definition" "azure_defender_sql_opensource" {
display_name = "Configure Azure Defender for open-source relational databases to be enabled"
}
data "azurerm_policy_definition" "azure_defender_servers" {
display_name = "Configure Azure Defender for servers to be enabled"
}
data "azurerm_policy_definition" "azure_defender_sql_vms" {
display_name = "Configure Azure Defender for SQL servers on machines to be enabled"
}
data "azurerm_policy_definition" "azure_defender_app_service" {
display_name = "Configure Azure Defender for App Service to be enabled"
}
data "azurerm_policy_definition" "azure_defender_storage" {
display_name = "Configure Azure Defender for Storage to be enabled"
}
data "azurerm_policy_definition" "azure_defender_aks" {
display_name = "[Preview]: Configure Azure Kubernetes Service clusters to enable Defender profile"
}
data "azurerm_policy_definition" "azure_defender_key_vault" {
display_name = "Configure Azure Defender for Key Vaults to be enabled"
}
data "azurerm_policy_definition" "azure_defender_dns" {
display_name = "Configure Azure Defender for DNS to be enabled"
}
data "azurerm_policy_definition" "azure_defender_resource_manager" {
display_name = "Configure Azure Defender for Resource Manager to be enabled"
}
data "azurerm_policy_definition" "azure_defender_sql_paas" {
display_name = "Configure Azure Defender for Azure SQL database to be enabled"
}
data "azurerm_policy_definition" "azure_defender_la_export" {
display_name = "Deploy export to Log Analytics workspace for Azure Security Center data"
}
Initiative creation
module "configure_asc_initiative" {
source = "../modules/initiative"
initiative_name = "configure_asc_initiative"
initiative_display_name = "Deploy Azure Security Center configuration"
initiative_description = "Deploys and configures Azure Security Center settings and defines exports"
initiative_category = "Security Center"
management_group_name = data.azurerm_management_group.root.name
member_definitions = [
data.azurerm_policy_definition.azure_defender_sql_opensource,
data.azurerm_policy_definition.azure_defender_servers,
data.azurerm_policy_definition.azure_defender_sql_vms,
data.azurerm_policy_definition.azure_defender_app_service,
data.azurerm_policy_definition.azure_defender_storage,
data.azurerm_policy_definition.azure_defender_aks,
data.azurerm_policy_definition.azure_defender_key_vault,
data.azurerm_policy_definition.azure_defender_dns,
data.azurerm_policy_definition.azure_defender_resource_manager,
data.azurerm_policy_definition.azure_defender_sql_paas,
data.azurerm_policy_definition.azure_defender_la_export,
module.policy_definition_es_deploy_asc_securitycontacts,
]
}
Error
Error: Invalid function argument
│
│ on ..\modules\initiative\main.tf line 16, in resource "azurerm_policy_set_definition" "set":
│ 16: parameters = jsondecode(d.parameters)
│ ├────────────────
│ │ d.parameters is object with 2 attributes
│
│ Invalid value for "str" parameter: string required.
Incorrect reference : module.policy_definition_es_deploy_asc_securitycontacts