update example usage with jsoneconde configuration

hashicorp · Feb 19, 2021 · 95d6039 · 95d6039
1 parent 24470cc
commit 95d6039
Showing 1 changed file with 15 additions and 31 deletions.
diff --git a/website/docs/r/fms_policy.html.markdown b/website/docs/r/fms_policy.html.markdown
@@ -22,27 +22,23 @@ resource "aws_fms_policy" "example" {
   security_service_policy_data {
     type = "WAF"
 
-    managed_service_data = <<EOF
-      {
-        "type": "WAF",
-        "ruleGroups":
-          [{
-            "id":"${aws_wafregional_rule_group.test.id}",
-            "overrideAction" : {
-              "type": "COUNT"
-            }
-          }],
-        "defaultAction":
-        {
-          "type": "BLOCK"
-        },
-        "overrideCustomerWebACLAssociation": false
+    managed_service_data = jsonencode({
+      type = "WAF",
+      ruleGroups = [{
+        id = aws_wafregional_rule_group.example.id
+        overrideAction = {
+          type = "COUNT"
+        }
+      }]
+      defaultAction = {
+        type = "BLOCK"
       }
-EOF
+      overrideCustomerWebACLAssociation = false
+    })
   }
 }
 
-resource "aws_wafregional_rule_group" "test" {
+resource "aws_wafregional_rule_group" "example" {
   metric_name = "WAFRuleGroupExample"
   name        = "WAF-Rule-Group-Example"
 }
@@ -73,20 +69,8 @@ The following arguments are supported:
 
 ## `security_service_policy_data` Configuration Block
 
-* `managed_service_data` (Optional) Details about the service that are specific to the service type, in JSON format. For service type SHIELD_ADVANCED, this is an empty string.
-* `type` (Required, Forces new resource) The service that the policy is using to protect the resources. Valid values are WAFV2, WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, and SECURITY_GROUPS_USAGE_AUDIT.
-
-## `managed_service_data` Configuration Block
-
--> Additional information about this configuration can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html)
-
-* `type` - (Required) Type currently only supports WAF.
-* `rule_groups` - (Required) A rule group block, maximum of 2 rule group blocks are currently supported.
-    * `id` - (Required) Id of the WAF Rule Group that's to be attached.
-    * `override_action` (Required)  Override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule.
-        * `type` - (Required) valid values are `NONE` or `COUNT`.
-* `default_action`- (Required) Configuration block with action that you want AWS Waf to take when a request doesn't match the criteria in any of the rules.
-    * `type` - (Required) valid values are `BLOCK` or `COUNT`.
+* `managed_service_data` (Optional) Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).
+* `type` - (Required, Forces new resource) The service that the policy is using to protect the resources. Valid values are `WAFV2`, `WAF`, `SHIELD_ADVANCED`, `SECURITY_GROUPS_COMMON`, `SECURITY_GROUPS_CONTENT_AUDIT`, and `SECURITY_GROUPS_USAGE_AUDIT`.
 
 ## Attribute Reference