无法创建阈值规则: InvalidParameterValueException:输入参数不能使用空格: AWSConfig
我正在尝试创建一个aws配置规则,用于检查是否启用了cloudtrail警报。当我运行terraform apply时,我得到了下面的错误Error: Error creating AWSConfig rule: Failed to create AWSConfig rule: InvalidParameterValueException: Blank spaces are not acceptable for input parameter: threshold.。我不确定输入参数中的格式化问题是什么(请参阅input_parameters)。如果我删除除metricName以外的所有内容,则应用程序将起作用
input_parameters = "{\"metricName\":\"CloudTrailConfigChanges\"}"任何帮助都将不胜感激。
resource aws_config_config_rule ensure-log-alarm-exists-for-cloudtrail {
name = "ensure-log-alarm-exists-for-cloudtrail"
description = "Checks whether cloudwatch alarm is on for cloudtrail configuration changes"
source {
owner = "AWS"
source_identifier = "CLOUDWATCH_ALARM_SETTINGS_CHECK"
}
input_parameters = "{\"metricName\":\"CloudTrailConfigChanges\",\"threshold\":1,\"evaluationPeriod\":1,\"period\":300,\"comparisionOperator\":\"GreaterThanOrEqualToThreshold\",\"statistic\":\"Sum\"}"
}从json字符串解析类型It似乎有问题:https://github.com/hashicorp/terraform-provider-aws/issues/773#issuecomment-385454229
我得到了相同的错误,即使
input_parameters =<<EOF
{
"metricName":"CloudTrailConfigChanges",
"threshold":1
}
EOF或
input_parameters = jsonencode({"metricName":"CloudTrailConfigChanges","threshold"=1})转换将int值放在引号中也不起作用。
resource "aws_config_config_rule" "ensure-log-alarm-exists-for-cloudtrail" {
name = "ensure-log-alarm-exists-for-cloudtrail"
description = "Checks whether cloudwatch alarm is on for cloudtrail configuration changes"
source {
owner = "AWS"
source_identifier = "CLOUDWATCH_ALARM_SETTINGS_CHECK"
}
input_parameters = jsonencode({
metricName = "CloudTrailConfigChanges"
threshold = "1"
})
}上面的代码产生了以下错误:
Unknown parameters provided in the inputParameters:回答 2
Stack Overflow用户
发布于 2020-11-27 22:07:08
在您的示例中,您仍然将阈值指定为整数。尝试将其转换为字符串。
resource "aws_config_config_rule" "ensure-log-alarm-exists-for-cloudtrail" {
name = "ensure-log-alarm-exists-for-cloudtrail"
description = "Checks whether cloudwatch alarm is on for cloudtrail configuration changes"
source {
owner = "AWS"
source_identifier = "CLOUDWATCH_ALARM_SETTINGS_CHECK"
}
input_parameters = jsonencode({
metricName = "CloudTrailConfigChanges"
threshold = "1"
})
}Stack Overflow用户
发布于 2021-08-03 23:19:56
我遇到了这样的错误,解决它的方法是添加一个条件。我不完全理解为什么这是可行的,为什么它会在没有条件的情况下导致这个错误,但我看到了AWS示例中使用的条件。
例如,我首先尝试使用类似下面这样的简单方式引用一个参数:
"InputParameters": {
"appNames": {
"Ref": "ApplicationNames"
}
}当我的资源像这样直接引用ApplicationNames参数时,它就会给出这个错误。但是使用Conditions并以这种方式引用参数会使其正常工作,如下面的完整模板示例所示:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Just a stripped-down example",
"Parameters": {
"ApplicationNames": {
"Type": "String",
"Default": "This Has Spaces",
"MinLength": "1",
"ConstraintDescription": "This parameter is required."
}
},
"Conditions": {
"ApplicationNamesDefined": {
"Fn::Not": [
{
"Fn::Equals": [
"",
{
"Ref": "ApplicationNames"
}
]
}
]
}
},
"Resources": {
"SampleRule": {
"Type": "AWS::Config::ConfigRule",
"DependsOn": "SecurityHubCustomUpdaterFunction",
"Properties": {
"ConfigRuleName": "TheName",
"Description": "It was here that I was getting 'Blank spaces are not acceptable for input parameter: applicationNames' before I added the Conditions and Fn::If to reference it",
"InputParameters": {
"appNames": {
"Fn::If": [
"ApplicationNamesDefined",
{
"Ref": "ApplicationNames"
},
{
"Ref": "AWS::NoValue"
}
]
}
},
"Scope": {
"ComplianceResourceTypes": [
"AWS::SSM::ManagedInstanceInventory"
]
},
"Source": {
"Owner": "AWS",
"SourceIdentifier": "EC2_MANAGEDINSTANCE_APPLICATIONS_REQUIRED"
}
}
}
}
}因此,您可能希望尝试使用Conditions。
https://stackoverflow.com/questions/65038013
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号