Implemented the same identifier change to the account rules that was …

…made in the organization-level rules
niaid · Jun 13, 2024 · 1d562ee · 1d562ee
1 parent f9bd208
commit 1d562ee
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/modules/account/main.tf b/modules/account/main.tf
@@ -2,23 +2,23 @@ resource "aws_config_config_rule" "rule" {
   for_each = var.rules
 
   name        = "${var.rule_name_prefix}${each.key}"
-  description = try(each.value["description"], "")
+  description = try(each.value.description, "")
 
   scope {
-    compliance_resource_types = try(each.value["resource_types_scope"], [])
+    compliance_resource_types = try(each.value.resource_types_scope, [])
   }
 
   source {
     owner             = "AWS"
-    source_identifier = upper(replace(each.key, "-", "_"))
+    source_identifier = each.value.identifier
   }
 
   input_parameters = (
     # AWS Config expects all values as strings. This list comprehension
     # removes optional parameter attributes whose value is 'null'.
-    try(jsonencode(each.value["input_parameters"]), null) != "null" ?
+    try(jsonencode(each.value.input_parameters), null) != "null" ?
     try(jsonencode(
-      { for k, v in each.value["input_parameters"] :
+      { for k, v in each.value.input_parameters :
         k => tostring(v) if v != null }), null) :
     null
   )