Fail to create a cross_region_copy_rule for DLP

I have the following TF piece of code but it fails with the below error:


provider "aws" {
  alias  = "DR"
  region = var.dr_aws_region_name
}


resource "aws_kms_key" "dlm_cross_region_copy_cmk" {
  provider = aws.DR
  multi_region = true
  description = "${var.consul_cluster_name} Alternate Region KMS Key"

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "dlm-cross-region-copy-cmk",
  "Statement": [
    {
      "Sid": "Enable IAM User Permissions",
      "Effect": "Allow",
      "Principal": {
          "AWS": "arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"
      },
      "Action": "kms:*",
      "Resource": "*"
    }
  ]
}
POLICY
}



resource "aws_iam_role" "dlm_lifecycle_role" {
  name = "dlm-lifecycle-role-consul-${var.consul_cluster_name}"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "dlm.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

resource "aws_iam_role_policy" "dlm_lifecycle" {
  name = "dlm-lifecycle-policy-consule-${var.consul_cluster_name}"
  role = aws_iam_role.dlm_lifecycle_role.id

  policy = <<EOF
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": "ec2:CreateTags",
			"Resource": [
				"arn:aws:ec2:*::snapshot/*",
				"arn:aws:ec2:*::image/*"
			]
		},
		{
			"Effect": "Allow",
			"Action": [
				"ec2:DescribeImages",
				"ec2:DescribeInstances",
				"ec2:DescribeImageAttribute",
				"ec2:DescribeInstances",
				"ec2:DescribeVolumes",
				"ec2:DescribeSnapshots"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": "ec2:DeleteSnapshot",
			"Resource": "arn:aws:ec2:*::snapshot/*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"ec2:ResetImageAttribute",
				"ec2:DeregisterImage",
				"ec2:CreateImage",
				"ec2:CopyImage",
				"ec2:ModifyImageAttribute"
			],
			"Resource": "*"
		},
		{
			"Effect": "Allow",
			"Action": [
				"ec2:EnableImageDeprecation",
				"ec2:DisableImageDeprecation"
			],
			"Resource": "arn:aws:ec2:*::image/*"
		},
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt",
                "kms:Encrypt"
            ],
            "Resource": "${aws_kms_key.dlm_cross_region_copy_cmk.arn}"
        }
	]
}
EOF
}

provider "aws" {
  alias  = "MAIN"
  region = var.aws_region
}

resource "aws_dlm_lifecycle_policy" "consul-lifecycle-policy" {
  provider           = aws.MAIN
  description        = "DLM lifecycle policy for consul cluster ${var.consul_cluster_name}"
  execution_role_arn = aws_iam_role.dlm_lifecycle_role.arn
  state              = "ENABLED"

  policy_details {
    resource_types = ["INSTANCE"]
    policy_type = "IMAGE_MANAGEMENT"
    parameters {
      no_reboot = true
    }
    schedule {
      name = "2 weeks of daily snapshots"

      create_rule {
        interval      = 12
        interval_unit = "HOURS"
        times         = ["23:45"]
      }

      retain_rule {
        interval = 14
        interval_unit = "DAYS"
      }

      tags_to_add = {
        SnapshotCreator = "DLM"
      }

      copy_tags = true

      cross_region_copy_rule {
        target    = var.dr_aws_region_name
        encrypted = true
        cmk_arn   = aws_kms_key.dlm_cross_region_copy_cmk.arn
        copy_tags = true
        retain_rule {
          interval      = 14
          interval_unit = "DAYS"
        }
      }

    }


    target_tags = {
      consul-auto-discover = var.consul_cluster_name
    }
  }
}

ERROR:

│ Error: error updating DLM Lifecycle Policy (policy-002196a7e9bcca444): InvalidRequestException: The following parameters(s) are invalid: {Target}
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "10c05837-591c-4f73-8373-7909c44be352"
│   },
│   Code_: "InvalidParameter",
│   Message_: "The following parameters(s) are invalid: {Target}"
│ }
│ 
│   with aws_dlm_lifecycle_policy.consul-lifecycle-policy,
│   on data-lifecycle.tf line 125, in resource "aws_dlm_lifecycle_policy" "consul-lifecycle-policy":
│  125: resource "aws_dlm_lifecycle_policy" "consul-lifecycle-policy" {
│ 
╵

What am i missing?