我有一个Terraform脚本,该脚本曾经能够在Azure好的环境中创建一个存储帐户,但是今天开始返回错误消息:
azurerm_storage_account.testsa: 1 error(s) occurred:
* azurerm_storage_account.testsa: Error waiting for Azure Storage Account "terraformtesthubb" to be created: Future#WaitForCompletion: the number of retries has been exceeded: StatusCode=400 -- Original Error: Code="AadClientCredentialsGrantFailure" Message="Failure in AAD Client Credentials Grant Flow."
跟踪日志没有显示任何有用的信息,术语AadClientCredentialsGrantFailure
在Google中实际上不返回任何内容。是什么原因?
答案 0 :(得分:1)
为我自己回答这个问题,因为Google完全使我失败了。
事实证明这是Azure的问题。尽管在任何状态页面中都未列出任何错误,但该脚本在美国西部地区仍然可以使用,但在美国西部地区2可以使用。
几天后,这个问题消失了,所以这是一个间歇性的Azure问题。
作为参考,这是脚本。模板部署期间将替换#{Principal.TenantId}
之类的标记。
provider "azurerm" {
client_id = "#{Principal.Client}"
client_secret = "#{Principal.Password}"
subscription_id = "#{Principal.SubscriptionNumber}"
tenant_id = "#{Principal.TenantId}"
}
resource "azurerm_resource_group" "testrg" {
name = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
location = "#{Octopus.Environment.Name | ToLower}"
}
resource "azurerm_virtual_network" "test" {
name = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
address_space = ["10.0.0.0/16"]
location = "${azurerm_resource_group.testrg.location}"
resource_group_name = "${azurerm_resource_group.testrg.name}"
}
resource "azurerm_subnet" "test" {
name = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
resource_group_name = "${azurerm_resource_group.testrg.name}"
virtual_network_name = "${azurerm_virtual_network.test.name}"
address_prefix = "10.0.2.0/24"
service_endpoints = ["Microsoft.Sql", "Microsoft.Storage"]
}
resource "azurerm_storage_account" "testsa" {
name = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
resource_group_name = "${azurerm_resource_group.testrg.name}"
location = "#{Octopus.Environment.Name | ToLower}"
account_tier = "Standard"
account_kind = "StorageV2"
account_replication_type = "RAGRS"
lifecycle {
prevent_destroy = true
}
network_rules {
ip_rules = ["100.0.0.1"]
virtual_network_subnet_ids = ["${azurerm_subnet.test.id}"]
}
}