[英]terraform for_each index issue, invalid index
该错误似乎与这篇文章中提到的相同( Terraform for_each loop.Invalid index ); 尽管答案似乎与我想做的事情无关; 所以发布为新问题
Terraform version: 0.13.6
aws provider version is: 3.7
我想做的是,在多个帐户中使用 s3 存储桶创建模块。 s3 存储桶配置,我将其保存在本地。 S3 存储桶名称将通过变量(字符串列表)传递,如果本地 s3_buckets 变量中存在 s3 存储桶名称,则配置应该从那里获取。 例如,对于帐户 1,将仅创建 bucket1,对于帐户 2,将创建 bucket1 和 bucket 3 等。
我希望基于我传递的“var.s3_buckets”值,它会从本地找到正确的配置; 但是,出于某种原因,它会查找所有值,因此我认为使用索引会出错。 我想我错过了一些东西,虽然无法弄清楚它是什么..
我传递的变量是
var.kms_keys = {"bucket2":"org/bucket"}
var.s3_buckets = ["bucket2]
我得到的错误是:
Error: Invalid index
on modules/../main.tf line 22, in locals:
22: kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
|----------------
| aws_kms_key.logging_kms_keys is object with 1 attribute "bucket2"
The given key does not identify an element in this collection value.
代码是
locals {
s3_buckets = {
bucket1 = {
kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
},
bucket2 = {
bucket_policy = templatefile("bucket2.json",
{
bucket_name = "bucket2"
}
)
kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
},
bucket3= {
bucket_policy = templatefile("bucket3.json",
{
bucket_name = "bucket3"
kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
}
)
kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
}
}
}
.
.
resource "aws_kms_key" "logging_kms_keys" {
for_each = var.kms_keys
description = "${each.value} KMS Key"
enable_key_rotation = true
policy = lookup(local.kms_policies, each.key, "")
is_enabled = true
}
resource "aws_s3_bucket" "logging_buckets" {
for_each = toset(var.s3_buckets)
bucket = each.key
acl = lookup(local.s3_buckets[each.key], "acl", "private")
policy = lookup(local.s3_buckets[each.key], "bucket_policy", "")
force_destroy = false
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
kms_master_key_id = lookup(local.s3_buckets[each.key], "kms_key_arn", data.aws_kms_alias.default_kms_key.arn)
sse_algorithm = "aws:kms"
}
bucket_key_enabled = true
}
}
}
如果您只有bucket2
,则不能在locals
引用bucket1
或bucket3
,因为它们不存在。 因此它应该是:
locals {
s3_buckets = {
bucket2 = {
bucket_policy = templatefile("bucket2.json",
{
bucket_name = "bucket2"
}
)
kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
}
}
}
或者您可以使用for_each
迭代地执行此操作:
locals {
s3_buckets = { for bucket, kms in aws_kms_key.logging_kms_keys:
"${bucket}" => {
bucket_policy = templatefile("${bucket}.json",
{
bucket_name = bucket
}
)
kms_key_arn = kms.arn
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.