Terraform: Invalid index

Question  Votes: 0  Answers: 0

I am using https://github.com/terraform-aws-modules/terraform-aws-vpc to provision the VPC and https://registry.terraform.io/modules/aws-ia/networkfirewall/aws/latest to configure the firewall. I get the error below. How should I define local.availability_zones[count.index] to satisfy it?

│ Error: Invalid index
│
│   on .terraform/modules/network_firewall/main.tf line 50, in resource "aws_route" "igw_route_table_to_protected_subnets":
│   50:   destination_cidr_block = var.routing_configuration.single_vpc.protected_subnet_cidr_blocks[local.availability_zones[count.index]]
│     ├────────────────
│     │ count.index is 0
│     │ local.availability_zones is list of string with 1 element
│     │ var.routing_configuration.single_vpc.protected_subnet_cidr_blocks is list of string with 3 elements
│
│ The given key does not identify an element in this collection value: a
│ number is required.

I don't understand where I am getting "local.availability_zones is list of string with 1 element" from, while var.routing_configuration.single_vpc.protected_subnet_cidr_blocks is a list of string with 3 elements. The relevant code is below.

main.tf

# AWS Network Firewall - Module: https://registry.terraform.io/modules/aws-ia/networkfirewall/aws/latest
module "network_firewall" {
  source  = "aws-ia/networkfirewall/aws"
  version = "0.1.1"

  network_firewall_name   = "anfw-${var.identifier}"
  network_firewall_policy = aws_networkfirewall_firewall_policy.anfw_policy.arn

  vpc_id      = data.terraform_remote_state.vpc.outputs.vpc_id
  number_azs  = var.number_azs

  #vpc_subnets: Firewall subnet (private subnet)
  vpc_subnets = var.private_subnets

  #protected_subnet: private subnet.
  routing_configuration = {
    single_vpc = {
      igw_route_table               = data.terraform_remote_state.vpc.outputs.igw_id
      protected_subnet_route_tables = data.terraform_remote_state.vpc.outputs.private_route_table_ids
      protected_subnet_cidr_blocks  = data.terraform_remote_state.vpc.outputs.private_subnets_cidr_blocks
    }
  }
}

variables.tf

variable "region" {
  type        = string
  default     = "us-west-2"
}

# Project Identifier
variable "identifier" {
  type        = string
  description = "Project Name, used as identifier when creating resources."
  default     = "anfw-strict-rule"
}

variable "number_azs" {
  type        = number
  description = "Number of Availability Zones to create resources in the VPC."
  default     = 1
}

variable "private_subnets" {
  type = any
  default = {
    us-west-2a = "subnet-##########"
  }
}
terraform terraform-provider-aws
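
An added example, not part of the original question or the module's own code: the error output shows a list of strings being indexed with a string (the AZ name taken from local.availability_zones), so this sketch builds a map keyed by AZ name instead of passing the list. The AZ names, CIDRs, subnet ID and local names are constructed, and it assumes the CIDR list in the VPC state is ordered by AZ.

```hcl
locals {
  # Constructed stand-in for var.private_subnets (firewall subnets keyed by AZ).
  firewall_subnets = {
    "us-west-2a" = "subnet-EXAMPLE"
  }

  # Assumption: AZ names in the same order as the private subnet CIDR list.
  vpc_azs = ["us-west-2a", "us-west-2b", "us-west-2c"]

  # Constructed stand-in for
  # data.terraform_remote_state.vpc.outputs.private_subnets_cidr_blocks,
  # which the error reports as a list of string with 3 elements.
  private_subnets_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]

  # Pair each AZ name with its CIDR so the value can be looked up by AZ name.
  cidr_by_az = zipmap(local.vpc_azs, local.private_subnets_cidr_blocks)

  # Keep only the AZs that have a firewall subnet. The index expression fails
  # at plan time if a firewall AZ has no matching protected subnet, which
  # surfaces a mismatch before any route is created.
  protected_subnet_cidr_blocks = {
    for az in keys(local.firewall_subnets) : az => local.cidr_by_az[az]
  }
}

# A map in this shape can be indexed with an AZ name, which is what the
# expression on line 50 of the module's main.tf does.
output "protected_subnet_cidr_blocks" {
  value = local.protected_subnet_cidr_blocks
}
```

Whether other routing_configuration attributes need the same AZ-keyed shape is not visible in the error output and would have to be checked against the module's variable documentation.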