terraform application_security_group_ids无效或未知密钥

时间:2018-04-09 13:34:34

标签: azure terraform terraform-provider-azure

尝试通过Terraform使新的GA'ed Azure应用安全组工作。每个https://www.terraform.io/docs/providers/azurerm/r/network_interface.html的文档将application_security_group_ids显示为NIC的有效参数,但在尝试使用以下代码进行terraform计划时,我正在获取

“错误:azurerm_network_interface.my_nic ::无效或未知密钥:application_security_group_ids”

resource "azurerm_resource_group" "my_vnet_rg" {
  name = "my_vnet_rg"
  location = "US East 2"
}

resource "azurerm_virtual_network" "my_vnet" {
  name = "my_vnet"
  resource_group_name = "my_vnet_rg"
  address_space = ["10.10.0.0/16"]
  location = "US East 2"
}

resource "azurerm_subnet" "my_subnet" {
  name                 = "my_subnet"
  resource_group_name  = "my_vnet_rg"
  virtual_network_name = "my_vnet"
  address_prefix       = "10.10.10.0/24"
  network_security_group_id = "${azurerm_network_security_group.my_nsg.id}"
}

resource "azurerm_network_security_group" "my_nsg" {
  name                = "my_nsg"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"
}

resource "azurerm_application_security_group" "my_asg" {
  name                = "my_asg"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"
}

resource "azurerm_network_security_rule" "my_httprule" {
  name                        = "my_httprule"
  priority                    = 100
  direction                   = "inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "80"
  source_address_prefix       = "*"
  destination_application_security_group_ids = ["${azurerm_application_security_group.my_asg.id}"]
  resource_group_name         = "my_vnet_rg"
  network_security_group_name = "my_nsg"
}

resource "azurerm_network_interface" "my_nic" {
  name                = "my_nic"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"
  application_security_group_ids = ["${azurerm_application_security_group.my_asg.id}"]

  ip_configuration {
    name                          = "my_nicconf"
    subnet_id                     = "${azurerm_subnet.my_subnet.id}"
    private_ip_address_allocation = "dynamic"
  }
}

Terraform v0.11.6,provider.azurerm v1.3.2

这是一个错误吗?

1 个答案:

答案 0 :(得分:2)

参数位于错误的块中,需要位于ip_configuration子块中:

resource "azurerm_network_interface" "my_nic" {
  name                = "my_nic"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"


  ip_configuration {
    name                          = "my_nicconf"
    subnet_id                     = "${azurerm_subnet.my_subnet.id}"
    private_ip_address_allocation = "dynamic"
    application_security_group_ids = ["${azurerm_application_security_group.my_asg.id}"]
  }
}
相关问题
最新问题