
terraform for_each index issue, invalid index

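The error seems to be the same as the one mentioned in this post (Terraform for_each loop. Invalid index); however, the answer does not seem relevant to what I am trying to do, so I am posting this as a new question.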

Terraform version: 0.13.6
aws provider version is: 3.7

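What I am trying to do is create a module with S3 buckets in multiple accounts. I keep the S3 bucket configurations in locals. The S3 bucket names are passed via a variable (list of strings), and if an S3 bucket name exists in the local s3_buckets variable, the configuration should be picked up from there. For example, for account 1 only bucket1 will be created, for account 2 bucket1 and bucket3 will be created, and so on.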

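I was expecting that, based on the "var.s3_buckets" value I pass, it would find the right configuration from locals; however, for some reason it looks up all the values, and so I think it errors out on the index. I think I am missing something, though I can't figure out what it is.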

The variables I am passing are

var.kms_keys = {"bucket2":"org/bucket"}
var.s3_buckets = ["bucket2"]

The error I get is:

Error: Invalid index

  on modules/../main.tf line 22, in locals:
  22:       kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
    |----------------
    | aws_kms_key.logging_kms_keys is object with 1 attribute "bucket2"

The given key does not identify an element in this collection value.

The code is

locals {
  s3_buckets = {
    bucket1 = { 
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
    },
    bucket2 = { 
      bucket_policy = templatefile("bucket2.json",
        {
          bucket_name = "bucket2"
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
    },
    bucket3= { 
      bucket_policy = templatefile("bucket3.json",
        {
          bucket_name = "bucket3"
          kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
    }

  }
}
.
.
resource "aws_kms_key" "logging_kms_keys" {
  for_each = var.kms_keys

  description         = "${each.value} KMS Key"
  enable_key_rotation = true
  policy              = lookup(local.kms_policies, each.key, "")
  is_enabled          = true
}

resource "aws_s3_bucket" "logging_buckets" {
  for_each = toset(var.s3_buckets)

  bucket        = each.key
  acl           = lookup(local.s3_buckets[each.key], "acl", "private")
  policy        = lookup(local.s3_buckets[each.key], "bucket_policy", "")
  force_destroy = false

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        kms_master_key_id = lookup(local.s3_buckets[each.key], "kms_key_arn", data.aws_kms_alias.default_kms_key.arn)
        sse_algorithm     = "aws:kms"
      }
      bucket_key_enabled = true
    }
  }

}

If you have only bucket2, then you can't reference bucket1 and bucket3 in locals, as they don't exist. So it should be:

locals {
  s3_buckets = {
    bucket2 = { 
      bucket_policy = templatefile("bucket2.json",
        {
          bucket_name = "bucket2"
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
    }
  }
}

Or you can do this iteratively using for_each:

locals {
  s3_buckets = { for bucket, kms in aws_kms_key.logging_kms_keys:
    "${bucket}" => { 
      bucket_policy = templatefile("${bucket}.json",
        {
          bucket_name = bucket
        }
      )
      kms_key_arn = kms.arn
    }
  }
}
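
A variant that iterates over the requested buckets rather than the KMS keys, added here as an example and not part of the original question or answer. It assumes Terraform 0.13 or later, the question's `var.s3_buckets`, `var.kms_keys` and `data.aws_kms_alias.default_kms_key`, and (an assumption) that policy templates named `<bucket>.json` sit in the module directory.

```hcl
# Added example, not code from the original post.
locals {
  # Build settings only for the buckets this account requested. Terraform
  # evaluates every expression in a local value, so a static map that indexes
  # logging_kms_keys["bucket1"] fails whenever that key was not created.
  s3_buckets = {
    for name in var.s3_buckets : name => {
      # Assumption: a bucket without a "<bucket>.json" template gets no
      # bucket policy (empty string, as in the question's lookup default).
      bucket_policy = (
        fileexists("${path.module}/${name}.json")
        ? templatefile("${path.module}/${name}.json", { bucket_name = name })
        : ""
      )

      # Index the per-bucket key only when var.kms_keys defines one;
      # otherwise fall back explicitly to the account's default KMS alias.
      kms_key_arn = (
        contains(keys(var.kms_keys), name)
        ? aws_kms_key.logging_kms_keys[name].arn
        : data.aws_kms_alias.default_kms_key.arn
      )
    }
  }
}

# Lists buckets that will be encrypted with the default alias, so a missing
# var.kms_keys entry is visible in the plan output instead of passing silently.
output "buckets_using_default_kms_key" {
  value = [for name in var.s3_buckets : name if !contains(keys(var.kms_keys), name)]
}
```

With this shape, a bucket listed in `var.s3_buckets` but absent from `var.kms_keys` no longer raises "Invalid index"; it is encrypted with the default alias and reported in the output.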
