Link subnets to NSGs(ERROR-for_each map includes keys derived from resource attributes that cannot be determined until apply)

Objective:Link multiple subnets in the environment to corresponding NSGs using a module (NSGs and Subnets have been created using separate modules)

Root Module:
1.main.tf

resource "azurerm_subnet_network_security_group_association" "root_subnet_nsg_association" {
  subnet_id                 = var.subnet_id
  network_security_group_id = var.nsg_id
}

2.variables.tf

variable "subnet_id"{
    #type=number
     type=string
    description="ID of the subnet which is to be attached to NSG"
    #default=""
}

variable "nsg_id"{
    #type=number
    type=string
    description="ID of the NSG which is to be associated with a subnet"
    #default=""
}

Calling Module in Projects Folder:
(for_each used to iterate the module)

1.nsg_subnet_association.tf

module "nsg_subnet_asosciation_module"{
source="../../Modules/network/nsg_subnet_association"

#Variable names to be passed into the root module:
#Use for_each to loop the module:

#for_each accepts a set or map but not list as a value

for_each          = local.nsg_subnet_association

subnet_id=each.key
nsg_id=each.value
}

2.locals block passing in values to the calling module:
NOTE:It is possible to have dynamic keys in the map using parenthesis ()

locals{ //Key in subnet name and NSG name for each element of the LIST
        //Implicit dependence on Subnet and NSG being created before attempt to associate

     #It is possible to have dynamic keys using parenthesis () as seen on left below   
     nsg_subnet_association={
        (module.subnet_module["MGT-Subnet-1"].subnet_id)= module.nsg_module["HUB-NSG"].nsg_id
        (module.subnet_module["MGT-Subnet-1"].subnet_id) = module.nsg_module["MGT-NSG"].nsg_id
        (module.subnet_module["SEC-Subnet-1"].subnet_id) = module.nsg_module["SEC-NSG"].nsg_id
    }

}

This ends up with the following error:
The “for_each” map includes keys derived from resource attributes that cannot be determined until apply, and so Terraform cannot determine the full set of keys that will identify the instances of this resource.
When working with unknown values in for_each, it’s better to define the map keys statically in your configuration and place apply-time results only in the map values.
Alternatively, you could use the -target planning option to first apply only the resources that the for_each value depends on, and then apply a second time to fully converge.

As an alternative,I tried to do the following:

1.Declare locals as list of map

locals{ //Key in subnet name and NSG name for each element of the LIST
        //Implicit dependence on Subnet and NSG being created before attempt to associate
    nsg_subnet_association=[
        {
            subnet_id=module.subnet_module["HUB-Subnet-1"].subnet_id
            nsg_id=module.nsg_module["HUB-NSG"].nsg_id
        },
        {
            subnet_id=module.subnet_module["MGT-Subnet-1"].subnet_id
            nsg_id=module.nsg_module["MGT-NSG"].nsg_id
        },
        {
            subnet_id=module.subnet_module["SEC-Subnet-1"].subnet_id
            nsg_id=module.nsg_module["SEC-NSG"].nsg_id
        }
    ]

  

2.Convert list to map while using calling module:

module "nsg_subnet_asosciation_module"{
source="../../Modules/network/nsg_subnet_association"

#Variable names to be passed into the root module:
#Use for_each to loop the module:

#for_each accepts a set or map but not list as a value,manipulation is needed:
#Convert list to map using 'for' expression. 
#NOTE:The type of brackets around the for expression decide what type of result it produces.

for_each          = {for index,association in local.nsg_subnet_association:association.subnet_id=>association.nsg_id}

subnet_id=each.key
nsg_id=each.value
}

I still end up with the same error. Any inputs to achieve the association of subnet to NSG would be appreciated.

Some articles suggest using count() ,but any additions in random order(to locals) can lead to destruction of entire association previously done.