如何识别集合值中的元素

Question

我在运行 terragrunt apply 时收到此错误消息。我需要能够在使用策略创建 SQS 和 DeadLetterQueue 时指定每个元素。我不确定如何解决此问题。我想找到一种方法来参考单独的DLQ直接与对应的SQS创建所需的资源

resource "aws_sqs_queue_policy" "Cloudtrail_SQS_Policy" {
  for_each  = toset(var.sqs_queue_names)
  queue_url = aws_sqs_queue.CloudTrail_SQS[each.key].id

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "sqspolicy",
  "Statement": [
    {
      "Sid": "AllowSQSInvocation",
      "Effect": "Allow",
      "Principal": {"AWS":"*"},
      "Action": "sqs:*",
      "Resource": "${aws_sqs_queue.CloudTrail_SQS[each.key].arn}"

resource "aws_sqs_queue_policy" "CloudTrail_SQS_DLQ"{
    for_each  = toset(var.dead_queue_names)
    queue_url = aws_sqs_queue.CloudTrail_SQS_DLQ[each.key].id

    policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "sqspolicy",
  "Statement": [
    {
      "Sid": "DLQ Policy",
      "Effect": "Allow",
      "Principal": {"AWS":"*"},
      "Action": "sqs:*",
      "Resource": "${aws_sqs_queue.CloudTrail_SQS_DLQ[each.key].arn}

Error Messages:

Error: Invalid index
│ 
│   on iam.tf line 3, in resource "aws_sqs_queue_policy" "Cloudtrail_SQS_Policy":
│    3:   queue_url = aws_sqs_queue.CloudTrail_SQS[each.key].id
│     ├────────────────
│     │ aws_sqs_queue.CloudTrail_SQS is object with 2 attributes
│     │ each.key is "CloudTrail_SQS_Management_Event"
│ 
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│ 
│   on iam.tf line 15, in resource "aws_sqs_queue_policy" "Cloudtrail_SQS_Policy":
│   15:       "Resource": "${aws_sqs_queue.CloudTrail_SQS[each.key].arn}",
│     ├────────────────
│     │ aws_sqs_queue.CloudTrail_SQS is object with 2 attributes
│     │ each.key is "CloudTrail_SQS_Data_Event"
│ 
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│ 
│   on iam.tf line 15, in resource "aws_sqs_queue_policy" "Cloudtrail_SQS_Policy":
│   15:       "Resource": "${aws_sqs_queue.CloudTrail_SQS[each.key].arn}",
│     ├────────────────
│     │ aws_sqs_queue.CloudTrail_SQS is object with 2 attributes
│     │ each.key is "CloudTrail_SQS_Management_Event"
│ 
│ The given key does not identify an element in this collection value.

Answer 1

我重构了您的整个代码，因为任何更改都会引发更多错误。在您的情况下，处理您的要求的最佳方式是使用 ma​​p，而不是 list 或 set。如果您不想要，您不必将输入变量设置为映射，尽管这样会更容易。但是保持输入变量不变，您可以创建 local.sqs_dlq_map 并使用它：

locals {
  sqs_dlq_map = zipmap(var.sqs_queue_names, var.dead_queue_names)
}


resource "aws_sqs_queue" "CloudTrail_SQS"{

    for_each                   = local.sqs_dlq_map
    name                       = each.key
    redrive_policy = jsonencode({
        deadLetterTargetArn    = aws_sqs_queue.CloudTrail_SQS_DLQ[each.key].arn
        maxReceiveCount        = 2 #var.max_receive_count
    })

    #tags = var.default_tags
    
}

resource "aws_sqs_queue" "CloudTrail_SQS_DLQ"{

    for_each                   = local.sqs_dlq_map
    name                       = each.value
   

    #tags = var.default_tags
}


resource "aws_sqs_queue_policy" "Cloudtrail_SQS_Policy" {
  for_each  = local.sqs_dlq_map
  queue_url = aws_sqs_queue.CloudTrail_SQS[each.key].id

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "sqspolicy",
  "Statement": [
    {
      "Sid": "AllowSQSInvocation",
      "Effect": "Allow",
      "Principal": {"AWS":"*"},
      "Action": "sqs:*",
      "Resource": "${aws_sqs_queue.CloudTrail_SQS[each.key].arn}"
    }]
}
POLICY
}

resource "aws_sqs_queue_policy" "CloudTrail_SQS_DLQ"{
    for_each  = local.sqs_dlq_map
    queue_url = aws_sqs_queue.CloudTrail_SQS_DLQ[each.key].id

    policy = <<POLICY
{
  "Version": "2012-10-17",
  "Id": "sqspolicy",
  "Statement": [
    {
      "Sid": "DLQ Policy",
      "Effect": "Allow",
      "Principal": {"AWS":"*"},
      "Action": "sqs:*",
      "Resource": "${aws_sqs_queue.CloudTrail_SQS_DLQ[each.key].arn}"
    }]
}
POLICY
}