gettek / terraform-azurerm-policy-as-code

Terraform modules that simplify the workflow of custom and built-in Azure Policies

Home Page: https://learn.microsoft.com/en-us/azure/governance/policy/concepts/policy-as-code

Invalid value for "str" parameter: string required.

jonclyde opened this issue · comments

Reporting issue whereby I receive error "Invalid value for "str" parameter: string required." whenever trying to create an initiative with built-in policies included.

Data sources

data "azurerm_policy_definition" "azure_defender_sql_opensource" {
  display_name = "Configure Azure Defender for open-source relational databases to be enabled"
}
data "azurerm_policy_definition" "azure_defender_servers" {
  display_name = "Configure Azure Defender for servers to be enabled"
}
data "azurerm_policy_definition" "azure_defender_sql_vms" {
  display_name = "Configure Azure Defender for SQL servers on machines to be enabled"
}
data "azurerm_policy_definition" "azure_defender_app_service" {
  display_name = "Configure Azure Defender for App Service to be enabled"
}
data "azurerm_policy_definition" "azure_defender_storage" {
  display_name = "Configure Azure Defender for Storage to be enabled"
}
data "azurerm_policy_definition" "azure_defender_aks" {
  display_name = "[Preview]: Configure Azure Kubernetes Service clusters to enable Defender profile"
}
data "azurerm_policy_definition" "azure_defender_key_vault" {
  display_name = "Configure Azure Defender for Key Vaults to be enabled"
}
data "azurerm_policy_definition" "azure_defender_dns" {
  display_name = "Configure Azure Defender for DNS to be enabled"
}
data "azurerm_policy_definition" "azure_defender_resource_manager" {
  display_name = "Configure Azure Defender for Resource Manager to be enabled"
}
data "azurerm_policy_definition" "azure_defender_sql_paas" {
  display_name = "Configure Azure Defender for Azure SQL database to be enabled"
}
data "azurerm_policy_definition" "azure_defender_la_export" {
  display_name = "Deploy export to Log Analytics workspace for Azure Security Center data"
}

Initiative creation

module "configure_asc_initiative" {
  source                  = "../modules/initiative"
  initiative_name         = "configure_asc_initiative"
  initiative_display_name = "Deploy Azure Security Center configuration"
  initiative_description  = "Deploys and configures Azure Security Center settings and defines exports"
  initiative_category     = "Security Center"
  management_group_name   = data.azurerm_management_group.root.name

  member_definitions = [
    data.azurerm_policy_definition.azure_defender_sql_opensource,
    data.azurerm_policy_definition.azure_defender_servers,
    data.azurerm_policy_definition.azure_defender_sql_vms,
    data.azurerm_policy_definition.azure_defender_app_service,
    data.azurerm_policy_definition.azure_defender_storage,
    data.azurerm_policy_definition.azure_defender_aks,
    data.azurerm_policy_definition.azure_defender_key_vault,
    data.azurerm_policy_definition.azure_defender_dns,
    data.azurerm_policy_definition.azure_defender_resource_manager,
    data.azurerm_policy_definition.azure_defender_sql_paas,
    data.azurerm_policy_definition.azure_defender_la_export,
    module.policy_definition_es_deploy_asc_securitycontacts,
  ]
}

Error
Error: Invalid function argument

│ on ..\modules\initiative\main.tf line 16, in resource "azurerm_policy_set_definition" "set":
│ 16: parameters = jsondecode(d.parameters)
│ ├────────────────
│ │ d.parameters is object with 2 attributes

│ Invalid value for "str" parameter: string required.

Incorrect reference: module.policy_definition_es_deploy_asc_securitycontacts
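
The type mismatch behind this error, as an added example that is not part of the issue or of the module's own code: `jsondecode()` accepts only a string, so a list member whose `parameters` is already an object fails with "string required". The sketch below lists such members by name before they reach the initiative resource; all local names and sample values are constructed for illustration.

```hcl
# Added example: every name and value here is constructed, not taken from the module.
locals {
  # Stand-in for a data.azurerm_policy_definition result, where
  # `parameters` is a JSON-encoded string.
  from_data_source = {
    name       = "constructed-builtin"
    parameters = jsonencode({ effect = { type = "String" } })
  }

  # Stand-in for a member whose `parameters` is already decoded: an object
  # with 2 attributes, the shape reported in the error message.
  already_decoded = {
    name = "constructed-custom"
    parameters = {
      effect       = { type = "String" }
      emailAddress = { type = "String" }
    }
  }

  member_definitions = [local.from_data_source, local.already_decoded]

  # Members whose `parameters` jsondecode() would reject.
  # can() turns the "string required" error into false.
  rejected_members = [
    for d in local.member_definitions : d.name
    if !can(jsondecode(d.parameters))
  ]
}

output "rejected_members" {
  value = local.rejected_members
}
```

The file needs no provider: `terraform init` followed by `terraform plan` in a directory containing only this file evaluates the output.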