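How to create multiple security rules in Azure using Terraform?

Time: 2019-02-18 09:42:37

Tags: azure terraform terraform-provider-azure

I am trying to create a network security group with multiple security rules. The idea is to create a list variable (of port ranges) and interpolate the list items in the .tf file. The script below throws an error "priority".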

"Error: azurerm_network_security_group.k8hway: security_rule.0: invalid or unknown key: count"

Below is the Terraform code:

resource "azurerm_network_security_group" "NSG" {
  name     = "NSG-Demo"
  location = "${azurerm_resource_group.main.location}"
  resource_group_name  = "${azurerm_resource_group.main.name}"

  security_rule  {
      count = "${length(var.inbound_port_ranges)}"
      name                       = "sg-rule-${count.index}"
      direction                  = "Inbound"
      access                     = "Allow"
      priority                   = "(100 * (${count.index} + 1))"
      source_address_prefix      = "*"
      source_port_range          = "*"
      destination_address_prefix = "*"
      destination_port_range     = "${element(var.inbound_port_ranges, count.index)}"
      protocol                   = "TCP"
    }
}

1 answer:

Answer 0: (score: 2)

I don't think attributes support count, but resources do. Use a network security group rule:

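resource "azurerm_network_security_rule" "test" {
  # One rule resource is created per entry in var.inbound_port_ranges.
  count                       = "${length(var.inbound_port_ranges)}"
  name                        = "sg-rule-${count.index}"
  # A standalone rule must name the group it attaches to.
  resource_group_name         = "${azurerm_resource_group.main.name}"
  network_security_group_name = "${azurerm_network_security_group.NSG.name}"
  direction                   = "Inbound"
  access                      = "Allow"
  # The arithmetic has to sit inside the interpolation: 100, 200, 300, ...
  priority                    = "${100 * (count.index + 1)}"
  source_address_prefix       = "*"
  source_port_range           = "*"
  destination_address_prefix  = "*"
  destination_port_range      = "${element(var.inbound_port_ranges, count.index)}"
  protocol                    = "TCP"
}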

Read:

https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html
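
The inline layout the question was aiming for, as an added example that is not part of the original question or answer: from Terraform 0.12 onward a `dynamic` block can generate one `security_rule` per list item inside the group itself. It assumes Terraform 0.12+ syntax and an already configured azurerm provider; the resource group values, the sample port list and the `allowed_source_prefix` variable are constructed for illustration.

```hcl
# Added example, not from the original post. Requires Terraform 0.12+.
resource "azurerm_resource_group" "main" {
  name     = "rg-demo"    # constructed sample value
  location = "westeurope" # constructed sample value
}

variable "inbound_port_ranges" {
  type    = list(string)
  default = ["22", "443", "8080-8090"] # constructed sample values
}

# Hypothetical variable: limits who can reach the ports instead of using "*".
variable "allowed_source_prefix" {
  type    = string
  default = "10.0.0.0/16" # constructed sample value
}

resource "azurerm_network_security_group" "NSG" {
  name                = "NSG-Demo"
  location            = azurerm_resource_group.main.location
  resource_group_name = azurerm_resource_group.main.name

  # Expands to one inline security_rule block per element of the list.
  dynamic "security_rule" {
    for_each = var.inbound_port_ranges
    content {
      # For a list, .key is the element index and .value is the element.
      name                       = "sg-rule-${security_rule.key}"
      direction                  = "Inbound"
      access                     = "Allow"
      priority                   = 100 * (security_rule.key + 1) # 100, 200, 300
      source_address_prefix      = var.allowed_source_prefix
      source_port_range          = "*"
      destination_address_prefix = "*"
      destination_port_range     = security_rule.value
      protocol                   = "Tcp"
    }
  }
}
```

Do not combine inline `security_rule` blocks with standalone `azurerm_network_security_rule` resources on the same group, because the two definitions overwrite each other on apply.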