
terraform for_each index issue, invalid index

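The error appears to be the same as the one mentioned in this post (Terraform for_each loop. Invalid index); however, the answer there does not seem related to what I am trying to do, so I am posting this as a new question.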

Terraform version: 0.13.6
aws provider version is: 3.7

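What I am trying to do is create a module that creates S3 buckets in multiple accounts. I keep the S3 bucket configuration in locals. The S3 bucket names are passed in via a variable (a list of strings), and if an S3 bucket name exists in the local s3_buckets variable, the configuration should be taken from there. For example, for account 1 only bucket1 will be created, for account 2 bucket1 and bucket3 will be created, and so on.

I expected that, based on the "var.s3_buckets" value I pass, it would find the right configuration from locals; however, for some reason it looks up all the values, which I think is why it fails on the index. I think I am missing something, but I can't figure out what it is.

The variables I am passing are: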

var.kms_keys = {"bucket2":"org/bucket"}
var.s3_buckets = ["bucket2"]

The error I get is:

Error: Invalid index

  on modules/../main.tf line 22, in locals:
  22:       kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
    |----------------
    | aws_kms_key.logging_kms_keys is object with 1 attribute "bucket2"

The given key does not identify an element in this collection value.

The code is:

locals {
  s3_buckets = {
    bucket1 = { 
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket1"].arn
    },
    bucket2 = { 
      bucket_policy = templatefile("bucket2.json",
        {
          bucket_name = "bucket2"
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
    },
    bucket3= { 
      bucket_policy = templatefile("bucket3.json",
        {
          bucket_name = "bucket3"
          kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket3"].arn
    }

  }
}
.
.
resource "aws_kms_key" "logging_kms_keys" {
  for_each = var.kms_keys

  description         = "${each.value} KMS Key"
  enable_key_rotation = true
  policy              = lookup(local.kms_policies, each.key, "")
  is_enabled          = true
}

resource "aws_s3_bucket" "logging_buckets" {
  for_each = toset(var.s3_buckets)

  bucket        = each.key
  acl           = lookup(local.s3_buckets[each.key], "acl", "private")
  policy        = lookup(local.s3_buckets[each.key], "bucket_policy", "")
  force_destroy = false

  server_side_encryption_configuration {
    rule {
      apply_server_side_encryption_by_default {
        kms_master_key_id = lookup(local.s3_buckets[each.key], "kms_key_arn", data.aws_kms_alias.default_kms_key.arn)
        sse_algorithm     = "aws:kms"
      }
      bucket_key_enabled = true
    }
  }

}

If you only have bucket2, you cannot reference bucket1 and bucket3 in locals, because they do not exist. So it should be:

locals {
  s3_buckets = {
    bucket2 = { 
      bucket_policy = templatefile("bucket2.json",
        {
          bucket_name = "bucket2"
        }
      )
      kms_key_arn = aws_kms_key.logging_kms_keys["bucket2"].arn
    }
  }
}

Alternatively, you can do this iteratively using for_each:

locals {
  s3_buckets = { for bucket, kms in aws_kms_key.logging_kms_keys:
    "${bucket}" => { 
      bucket_policy = templatefile("${bucket}.json",
        {
          bucket_name = bucket
        }
      )
      kms_key_arn = kms.arn
    }
  }
}
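
A variant keyed on var.s3_buckets, the same set the aws_s3_bucket resource iterates over, so every requested bucket has an entry even when it has no dedicated KMS key or policy template. This is an added example, not part of the original answer; it assumes the question's variables and data source, and the `${path.module}/<bucket>.json` template location is an assumption.

```hcl
# Added example (not from the original answer).
# Assumes var.s3_buckets, var.kms_keys, aws_kms_key.logging_kms_keys and
# data.aws_kms_alias.default_kms_key exactly as declared in the question.
locals {
  s3_buckets = {
    for bucket in var.s3_buckets : bucket => {
      # Render a bucket policy only when a template file exists for this
      # bucket. The template path is an assumption; adjust to your layout.
      bucket_policy = (
        fileexists("${path.module}/${bucket}.json")
        ? templatefile("${path.module}/${bucket}.json", { bucket_name = bucket })
        : ""
      )

      # Use the bucket's dedicated key when var.kms_keys created one.
      # Otherwise fall back to the default key, so a bucket without its
      # own key is still encrypted with KMS instead of failing the plan.
      kms_key_arn = try(
        aws_kms_key.logging_kms_keys[bucket].arn,
        data.aws_kms_alias.default_kms_key.arn
      )
    }
  }
}
```

With this map, `local.s3_buckets[each.key]` in the bucket resource resolves for every name in var.s3_buckets, and an unexpected empty policy shows up in `terraform plan` as a bucket with no policy attached.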
