我有一个字符串,其中有多个子字符串需要替换。
字符串:
string1 = "I want to fly tomorrow"
我需要从地图上取出任何需要替换的东西。
地图:
map1 = {
"I": "we"
"want": "do not want"
"tomorrow": "today"
}
因此,映射中的键map1是字符串中需要替换的内容string1,值应该是字符串中的新值。
结果应该是这样的:
we do not want to fly today
我一直在想一个解决方案,但还差得远。
我试过这个:
try = [for replacement in keys(local.map1): replace(local.string1, replacement, local.map1[replacement])]
但这会返回一个字符串列表,每个字符串仅替换一个值。
注意:string1和map1只是示例,它们可以有任何其他值,所以我正在寻找通用解决方案:)
我正在尝试创建一个 lambda 角色并将策略附加到它,以便它可以启动和停止 ec2 实例。我将使用 cloudwatch 触发 lambda。
我收到此错误:“错误:错误创建 IAM 角色 lambdaRole:MalformedPolicyDocument:JSON 字符串不能有前导空格状态代码:400,请求 ID:d6a86c41-6601-43af-9040-81f6e6a76ec8
在 iam.tf 第 11 行,在资源 "aws_iam_role" "lambdaRole": 11: 资源 "aws_iam_role" "lambdaRole" {"
terraform {
backend "s3" {
region = "us-west-2"
bucket = "gitlegionbucket"
key = "ec2/terraform.tfstate"
dynamodb_table = "tf-state-lock"
}
}
resource "aws_iam_role" "lambdaRole" {
name = "lambdaRole"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "ec2.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
EOF
}
resource "aws_iam_policy" "policy" …现在,除了最后一步将数据从 Firehose 发送到 Elasticsearch 之外,一切都已准备就绪并且运行良好。
这是我在 Kinesis Firehose Elasticsearch 服务日志中收到的错误:
Error received from Elasticsearch cluster. {"error":{"root_cause":[{"type":"security_exception","reason":"no permissions for [indices:data/write/bulk] and User [name=arn:aws:iam::917877325894:role/firehose_delivery_role, backend_roles=[arn:aws:iam::917877325894:role/firehose_delivery_role], requestedTenant=null]"}],"type":"security_exception","reason":"no permissions for [indices:data/write/bulk] and User [name=arn:aws:iam::917877325894:role/firehose_delivery_role, backend_roles=[arn:aws:iam::917877325894:role/firehose_delivery_role], requestedTenant=null]"},"status":403}
这是我附加的 IAM 策略(由 Firehose 自己制定)
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Action": [
"ec2:DescribeVpcs",
"ec2:DescribeVpcAttribute",
"ec2:DescribeSubnets",
"ec2:DescribeSecurityGroups",
"ec2:DescribeNetworkInterfaces",
"ec2:CreateNetworkInterface",
"ec2:CreateNetworkInterfacePermission",
"ec2:DeleteNetworkInterface"
],
"Resource": "*"
},
{
"Sid": "",
"Effect": "Allow",
"Action": [
"s3:AbortMultipartUpload",
"s3:GetBucketLocation",
"s3:GetObject",
"s3:ListBucket",
"s3:ListBucketMultipartUploads",
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::test-kinesis-backup-mydna",
"arn:aws:s3:::test-kinesis-backup-mydna/*"
] …amazon-web-services amazon-iam amazon-kinesis amazon-elasticsearch amazon-kinesis-firehose