AWS Grafana via terraform error

Question

Hi

trying to create a aws grafana in a non root account using terraform

I have the below code to get started:

```
resource "aws_grafana_workspace" "org" {
  account_access_type      = "ORGANIZATION"
  organizational_units     = ["xxxxxxxx"]
  authentication_providers = ["AWS_SSO"]
  permission_type          = "CUSTOMER_MANAGED"
  data_sources             = ["AMAZON_OPENSEARCH_SERVICE", "ATHENA", "CLOUDWATCH", "PROMETHEUS", "REDSHIFT", "SITEWISE", "TIMESTREAM", "XRAY"]
  role_arn                 = aws_iam_role.grafana.arn
  configuration = jsonencode({
    "name" : "organizational-grafana",
    "grafana_version" : 9.4,
    "vpc_configuration" : {
      "security_group_ids" : [aws_security_group.grafana.id],
      "subnet_ids" : data.aws_subnets.private.ids
    }
  })
}
```

but get the error:

```
 Error: creating Grafana Workspace: ValidationException: The JSON provided in the configuration property {} is invalid for the grafanaVersion {}.
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "f6a931c7-5386-4f3e-a4d3-e441cca0d44c"
│   },
│   Message_: "The JSON provided in the configuration property {} is invalid for the grafanaVersion {}."
│ }
```

Ive tried putting the 9.4 as "9.4" using grafanaVersion instead of grafana_verison, and removing it all together. I still always get the same error.

any ideas how to get it this deploying?

Accepted Answer

As Per DOCS, this is not possible...

In both the Amazon Managed Grafana API and the AWS CLI, the configuration is a JSON string
The only configuration that you can set is the unifiedAlerting, enabled setting. Setting this to true turns on the Grafana alerting feature, setting it to false turns it off.

https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html

Simple fix, your Terraform is slightly incorrect..

Use this

```
resource "aws_grafana_workspace" "org" {
  account_access_type      = "ORGANIZATION"
  organizational_units     = ["xxxxxxxx"]
  authentication_providers = ["AWS_SSO"]
  permission_type          = "CUSTOMER_MANAGED"
  data_sources             = ["AMAZON_OPENSEARCH_SERVICE", "ATHENA", "CLOUDWATCH", "PROMETHEUS", "REDSHIFT", "SITEWISE", "TIMESTREAM", "XRAY"]
  role_arn                 = aws_iam_role.grafana.arn
  grafana_version          = 9.4
  name                     = "organizational-grafana"

vpc_configuration  {
    security_group_ids = [aws_security_group.grafana.id]
    subnet_ids = data.aws_subnets.private.ids
  }
}
```

Answer

Resolved!

Error was a fake news.. it was actualy the data call to the subnets was wrong. now deployed! thanks for the help

Answer

Hi yes! no idea how i got all that confused.. but now im scratching my head even more... as

```
resource "aws_grafana_workspace" "org" {
  name                     = "organizational-grafana"
  description              = "Organizational Grafana workspace via SSO"
  grafana_version          = "9.4"
  account_access_type      = "ORGANIZATION"
  organizational_units     = ["zxcasdasdas"]
  authentication_providers = ["AWS_SSO"]
  permission_type          = "CUSTOMER_MANAGED"
  data_sources             = ["AMAZON_OPENSEARCH_SERVICE", "ATHENA", "CLOUDWATCH", "PROMETHEUS", "REDSHIFT", "SITEWISE", "TIMESTREAM", "XRAY"]
  role_arn                 = aws_iam_role.grafana.arn

vpc_configuration = {
    security_group_ids = aws_security_group.grafana.id
    subnet_ids         = data.aws_subnets.private.ids
  }
}
```

is getting the error:

```
Error: Unsupported argument
│ 
│   on grafana.tf line 12, in resource "aws_grafana_workspace" "org":
│   12:   vpc_configuration = {
│ 
│ An argument named "vpc_configuration" is not expected here. Did you mean to define a block of type "vpc_configuration"?
```

AWS Grafana via terraform error

Relevant content