Terraform for_each invalid index

Hello guys. Sorry to bother you, but I have this issue and it's taking me over a day to figure it out.

The aim of this project is to automate the creation of an Azure Key Vault (with a key) and x number of storage accounts, and after that use the keys created in the key vault to encrypt those storage accounts accordingly.

So far, to achieve this, I am declaring the storage accounts in a variable as follows:

variable "storage-foreach" {
  type    = map(string)
  default = { 1 = "storage1", 2 = "storage2", 4 = "storage3", 5 = "storage4" }
}

and the key_vault_keys are declared as follows:

variable "key-name" {
  type    = list(string)
  default = ["key1", "key2", "key3", "key4"]
}

The resources to create those storages and keys are as follows:

resource "azurerm_key_vault_secret" "storagesctforeach" {
  for_each     = var.storage-foreach
  key_vault_id = azurerm_key_vault.tenantsnbshared.id
  name         = each.value
  value        = azurerm_storage_account.storage-foreach[each.key].primary_connection_string
  content_type = "${each.value} Storage Account Connection String"
  lifecycle {
    prevent_destroy = false
  }
}

and the keys:

resource "azurerm_key_vault_key" "client-key" {
  for_each     = toset(var.key-name)
  key_vault_id = azurerm_key_vault.tenantsnbshared.id
  name         = "Key-Client-${each.value}"
  key_opts = [
    "decrypt",
    "encrypt",
    "sign",
    "unwrapKey",
    "verify",
    "wrapKey",
  ]
  key_type   = "RSA"
  key_size   = 2048
  depends_on = [azurerm_key_vault.tenantsnbshared]

}

So far everything works fine, and the keys get created, as do the storages.

But here is where I encounter my problem.

resource "azurerm_storage_account_customer_managed_key" "storage-managed-key" {
  for_each           = toset(var.key-name)
  key_name           = "Key-Client-${each.value}"
  key_vault_id       = azurerm_key_vault.tenantsnbshared.id
  key_version        = azurerm_key_vault_key.client-key[each.value].version
  storage_account_id = azurerm_storage_account.storage-foreach[var.storage-foreach[each.value]].id
  depends_on         = [azurerm_key_vault_access_policy.storage, azurerm_storage_account.storage-foreach]
}

When I try to loop through all the keys and the storage account for the encryption, I get this error:

Error: Invalid index

  on main.tf line 173, in resource "azurerm_storage_account_customer_managed_key" "storage-managed-key":
 173:   storage_account_id = azurerm_storage_account.storage-foreach[var.storage-foreach[each.value]].id
    |----------------
    | each.value is "key1"
    | var.storage-foreach is map of string with 4 elements

The given key does not identify an element in this collection value.

Which is understandable. As far as I can understand, the issue is related to these 2 lines:

for_each = toset(var.key-name)
and
storage_account_id = azurerm_storage_account.storage-foreach[var.storage-foreach[each.value]].id

In my terminal I see that var.key-name is pointing to the correct variable, and so is var.storage, but when I run terraform plan the each.value in the storage account gets overridden with the var.key-name values, which is the reason for the error that it cannot find that value.

So I was wondering if there is any way I can fix this problem.

The only other solution that I tried, and it worked, is using count, but as that is strictly an indexer, I don't want it, because if I modify the position of the elements in my variable, that will destroy everything to update the index.

Thank you so much for your help, guys.
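One way to avoid the invalid index, as an added example that is not part of the original post: the error output shows `each.value` is "key1", while `var.storage-foreach` is keyed by "1", "2", "4" and "5", so the lookup can never match. The sketch below pairs storage accounts and keys through an explicit map; the variable `storage-key-map` and the local `storage_without_cmk` are hypothetical names, and the `precondition` block assumes Terraform 1.2 or later.

```hcl
# Hypothetical variable (not in the original post): maps each key of
# var.storage-foreach to the entry of var.key-name that should encrypt it.
variable "storage-key-map" {
  type = map(string)
  default = {
    "1" = "key1"
    "2" = "key2"
    "4" = "key3"
    "5" = "key4"
  }
}

locals {
  # Storage accounts that have no customer-managed key assigned.
  storage_without_cmk = setsubtract(keys(var.storage-foreach), keys(var.storage-key-map))
}

resource "azurerm_storage_account_customer_managed_key" "storage-managed-key" {
  # each.key   -> key of var.storage-foreach ("1", "2", "4", "5")
  # each.value -> element of var.key-name ("key1" ... "key4")
  for_each = var.storage-key-map

  storage_account_id = azurerm_storage_account.storage-foreach[each.key].id
  key_vault_id       = azurerm_key_vault.tenantsnbshared.id
  key_name           = azurerm_key_vault_key.client-key[each.value].name
  key_version        = azurerm_key_vault_key.client-key[each.value].version

  depends_on = [azurerm_key_vault_access_policy.storage]

  lifecycle {
    # Fail the plan if any storage account would be left without a
    # customer-managed key. Evaluated once per instance, so it does not
    # fire when storage-key-map is empty.
    precondition {
      condition     = length(local.storage_without_cmk) == 0
      error_message = "Some storage accounts in storage-foreach have no entry in storage-key-map."
    }
  }
}
```

Because the resource instances are addressed by the storage map key rather than by list position, reordering `var.key-name` does not change any resource address.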