Terraform无法在Azure中创建存储帐户

时间:2019-06-13 04:46:01

标签: azure terraform

我有一个Terraform脚本,该脚本曾经能够在Azure好的环境中创建一个存储帐户,但是今天开始返回错误消息:

azurerm_storage_account.testsa: 1 error(s) occurred: 
* azurerm_storage_account.testsa: Error waiting for Azure Storage Account "terraformtesthubb" to be created: Future#WaitForCompletion: the number of retries has been exceeded: StatusCode=400 -- Original Error: Code="AadClientCredentialsGrantFailure" Message="Failure in AAD Client Credentials Grant Flow."

跟踪日志没有显示任何有用的信息,术语AadClientCredentialsGrantFailure在Google中实际上不返回任何内容。是什么原因?

1 个答案:

答案 0 :(得分:1)

为我自己回答这个问题,因为Google完全使我失败了。

事实证明这是Azure的问题。尽管在任何状态页面中都未列出任何错误,但该脚本在美国西部地区仍然可以使用,但在美国西部地区2可以使用。

几天后,这个问题消失了,所以这是一个间歇性的Azure问题。

编辑

作为参考,这是脚本。模板部署期间将替换#{Principal.TenantId}之类的标记。

provider "azurerm" {
  client_id = "#{Principal.Client}"
  client_secret = "#{Principal.Password}"
  subscription_id = "#{Principal.SubscriptionNumber}"
  tenant_id = "#{Principal.TenantId}"
}

resource "azurerm_resource_group" "testrg" {
  name     = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
  location = "#{Octopus.Environment.Name | ToLower}"
}

resource "azurerm_virtual_network" "test" {
  name                = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
  address_space       = ["10.0.0.0/16"]
  location            = "${azurerm_resource_group.testrg.location}"
  resource_group_name = "${azurerm_resource_group.testrg.name}"
}

resource "azurerm_subnet" "test" {
  name                 = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
  resource_group_name  = "${azurerm_resource_group.testrg.name}"
  virtual_network_name = "${azurerm_virtual_network.test.name}"
  address_prefix       = "10.0.2.0/24"
  service_endpoints    = ["Microsoft.Sql", "Microsoft.Storage"]
}

resource "azurerm_storage_account" "testsa" {
  name                     = "terraformtesthub#{Octopus.Environment.Name | ToLower}"
  resource_group_name      = "${azurerm_resource_group.testrg.name}"
  location                 = "#{Octopus.Environment.Name | ToLower}"
  account_tier             = "Standard"
  account_kind             = "StorageV2"
  account_replication_type = "RAGRS"
    lifecycle {
    prevent_destroy = true
  }
  network_rules {
    ip_rules                   = ["100.0.0.1"]
    virtual_network_subnet_ids = ["${azurerm_subnet.test.id}"]
  }
}