我想使用Azuread Provider创建应用程序注册,并将applictionid输出用于我的appservice中的配置。每当我计划时,我都会收到一条错误消息。如果我删除配置行,一切正常。
我试图将App-Registration放在一个模块中并处理输出,但是出现了相同的错误。
有人有建议吗?
Connect-AzAccount
Select-AzSubscription -SubscriptionName <yourSubscriptionName>
New-AzResourceGroupDeployment -Name AvailabilityAlertDeployment -ResourceGroupName ResourceGroupofApplicationInsightsComponent `
-TemplateFile availabilityalert.json -TemplateParameterFile availabilityalert.parameters.json
Appservice
//Azure App Registration
resource "azuread_application" "appregistration" {
name = "${var.state}Site-${var.typ}-ar"
reply_urls = ["https://${azurerm_app_service.appservice.default_site_hostname}/signin-callback"]
available_to_other_tenants = false
oauth2_allow_implicit_flow = true
}
resource "azuread_application_password" "AppRegistrationPwd" {
application_object_id = "${azuread_application.appregistration.id}"
value = "SOMECODE"
end_date = "2020-01-01T01:02:03Z"
}
resource "azuread_service_principal" "serviceprincipal" {
application_id = "${azuread_application.appregistration.application_id}"
app_role_assignment_required = false
}
错误:
resource "azurerm_app_service" "appservice" {
name = "${var.state}-Site-${var.typ}-as"
location = "${var.location}"
resource_group_name = "${azurerm_app_service_plan.serviceplan.resource_group_name}"
app_service_plan_id = "${azurerm_app_service_plan.serviceplan.id}"
site_config {
dotnet_framework_version = "v4.0"
scm_type = "LocalGit"
}
app_settings = {
"AzureAd:ClientId" = "${azuread_service_principal.serviceprincipal.application_id}"
}
}
答案 0 :(得分:1)
您的评论正确无误,资源azurerm_app_service需要资源application_id中的azuread_service_principal,而资源azuread_service_principal需要{{ 1}},因此会导致循环。
要打破循环,您可以通过reply_urls指定${azurerm_app_service.appservice.default_site_hostname},因为通常两个值都相同。
在您的代码中更改为${var.state}-Site-${var.typ}-as.azurewebsites.net。