Terraform data source not able to fetch existing resource

I am not able to fetch an existing resource using a Terraform data source. I get the error below.

It runs successfully for a single storage account.

But what I need to achieve is: for the first storage account, create the private DNS zone "privatelink.blob.core.windows.net", and for subsequent storage accounts use the existing private DNS zone "privatelink.blob.core.windows.net".

For this I am using a lookup variable: if it is true, do not create the resource and only look up the existing one; if it is false, create it.

Can someone help with what I am doing wrong in the code below? All the required details are shared below. If any other information is needed, please comment.

Error: Private DNS Zone "privatelink.blob.core.windows.net" (Resource Group "rg1") was not found
│
│   with module.storage[1].data.azurerm_private_dns_zone.lookup[0],
│   on ../../../../modules/storage/main.tf line 57, in data "azurerm_private_dns_zone" "lookup":
│   57: data "azurerm_private_dns_zone" "lookup" {

Below is the module main.tf:

resource "azurerm_storage_account" "main" {
  name                      = var.storage_name
  resource_group_name       = var.storage_resource_group_name
  location                  = var.storage_location
  account_tier              = var.account_tier
  account_kind              = var.account_kind
  account_replication_type  = var.account_replication_type
  enable_https_traffic_only = var.enable_https_traffic_only # renamed https_traffic_only_enabled in azurerm 4.x
  min_tls_version           = var.min_tls_version
  allow_blob_public_access  = var.allow_blob_public_access # renamed allow_nested_items_to_be_public in azurerm 3.x
  tags                      = var.tags
  depends_on = [
    azurerm_private_dns_zone.main
  ]
}

resource "azurerm_storage_container" "main" {
  count                 = length(var.container_names)
  name                  = var.container_names[count.index]
  storage_account_name  = azurerm_storage_account.main.name
  container_access_type = var.container_access_type
}

resource "azurerm_storage_account_network_rules" "main" {
  storage_account_id = azurerm_storage_account.main.id

  default_action             = var.default_action
  ip_rules                   = var.ip_rules
  virtual_network_subnet_ids = var.virtual_network_subnet_ids
  bypass                     = var.bypass
}

resource "azurerm_private_endpoint" "main" {
  name                = var.pep_name
  location            = var.pep_location
  resource_group_name = var.pep_resource_group_name
  subnet_id           = var.pep_subnet_id

  private_service_connection {
    name                           = var.psc_name
    private_connection_resource_id = azurerm_storage_account.main.id
    subresource_names              = var.subresource_names
    is_manual_connection           = var.is_manual_connection
  }
  private_dns_zone_group {
    name                 = var.private_dns_group_name
    private_dns_zone_ids = var.lookup_private_dns_zone_name ? [data.azurerm_private_dns_zone.lookup[0].id] : [azurerm_private_dns_zone.main[0].id]
  }
}

# Created only when this module instance is not in lookup mode.
resource "azurerm_private_dns_zone" "main" {
  count               = var.lookup_private_dns_zone_name ? 0 : 1
  name                = var.private_dns_zone_name
  resource_group_name = var.private_dns_zone_resource_group_name
}

# Read only when this module instance is in lookup mode. The lookup has to use the
# input variables: when lookup is true, azurerm_private_dns_zone.main has count = 0,
# so azurerm_private_dns_zone.main[0].name is an invalid index and cannot be used here.
data "azurerm_private_dns_zone" "lookup" {
  count               = var.lookup_private_dns_zone_name ? 1 : 0
  name                = var.private_dns_zone_name
  resource_group_name = var.private_dns_zone_resource_group_name

  # This only defers the read from plan time to apply time; it cannot make this
  # module instance wait for a zone created by a different instance of the module.
  depends_on = [
    azurerm_private_dns_zone.main
  ]
}

# Note: a private DNS zone accepts only one link per virtual network, so two module
# instances that link the same VNet to the same zone will conflict on the second link.
resource "azurerm_private_dns_zone_virtual_network_link" "main" {
  name                  = var.private_dns_zone_virtual_network_link_name
  resource_group_name   = var.private_dns_zone_virtual_network_link_resource_group_name
  private_dns_zone_name = var.lookup_private_dns_zone_name ? data.azurerm_private_dns_zone.lookup[0].name : azurerm_private_dns_zone.main[0].name
  virtual_network_id    = var.private_dns_zone_virtual_network_id # was misspelled "nevtwork"; the root module passes private_dns_zone_virtual_network_id
}

Root module call:

module "storage" {
  count                                                     = length(var.storage)
  source                                                    = "../../../../modules/storage"
  storage_name                                              = join("", [local.prefix, "store", var.storage[count.index].id])
  lookup_private_dns_zone_name                              = try(var.storage[count.index].lookup_private_dns_zone_name, false)
  storage_resource_group_name                               = var.storage[count.index].resource_group_name
  storage_location                                          = var.storage[count.index].location
  account_replication_type                                  = try(var.storage[count.index].account_replication_type, "GRS")
  tags                                                      = merge(try(var.storage[count.index].tags, {}), local.tags)
  container_names                                           = try(var.storage[count.index].container_names, [])
  virtual_network_subnet_ids                                = try(var.storage[count.index].virtual_network_subnet_ids, [])
  default_action                                            = try(var.storage[count.index].default_action, "Deny")
  pep_name                                                  = join("", [local.prefix, "pepstore", var.storage[count.index].id])
  pep_location                                              = var.storage[count.index].location
  pep_resource_group_name                                   = var.storage[count.index].resource_group_name
  pep_subnet_id                                             = var.storage[count.index].pep_subnet_id
  psc_name                                                  = join("", [local.prefix, "pscstore", var.storage[count.index].id])
  is_manual_connection                                      = false
  private_dns_group_name                                    = join("", [local.prefix, "dnsgroupstore", var.storage[count.index].id])
  private_dns_zone_name                                     = "privatelink.blob.core.windows.net"
  private_dns_zone_resource_group_name                      = var.storage[count.index].resource_group_name
  private_dns_zone_virtual_network_link_name                = join("", [local.prefix, "pdzvnlstore", var.storage[count.index].id])
  private_dns_zone_virtual_network_link_resource_group_name = var.storage[count.index].resource_group_name
  private_dns_zone_virtual_network_id                       = var.storage[count.index].private_dns_zone_virtual_network_id
  depends_on                                                = [module.resource_group]
}

Input file poc.tfvars.json:

{
  "storage": [
    {
      "id": "04",
      "resource_group_name": "rg1",
      "location": "westus2",
      "pep_subnet_id": "sub_net_resource_id",
      "private_dns_zone_virtual_network_id": "virtual_network_id",
      "container_names": ["containerinfratfswsu2ctedev"]
    },
    {
      "id": "05",
      "lookup_private_dns_zone_name": true,
      "resource_group_name": "WUS2-DEV-PE-CTE-CCI-TF-REPO-RG",
      "location": "westus2",
      "pep_subnet_id": "subnet_resource_id",
      "private_dns_zone_virtual_network_id": "virtual_network_id"
    }
  ]
}

Because you are using:

module "storage" {
  count                                                     = length(var.storage)

both instances of your module will be created at the same time, not one after the other. Clearly the second instance of the module fails because it is created at the same time as the first instance (instead of after it). So at that moment there is no azurerm_private_dns_zone yet.

You either have to run the modules manually, one after the other with depends_on, or somehow extract the lookup_private_dns_zone_name functionality into its own module that runs before everything else.

Another option is to use an External Data Source to activate the second instance of the module and artificially stall it until azurerm_private_dns_zone exists. But relying on that to pass is very hacky.
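One way to apply the second suggestion above (create the zone once, before any storage instance), written here as an added example and not as code from the question or the answer. It assumes a root variable `private_dns_zone_resource_group_name` that names the resource group owning the shared zone, a new module input `private_dns_zone_id`, and the hypothetical link naming scheme shown; every other name comes from the listings above. Because each module instance references `azurerm_private_dns_zone.blob.id`, Terraform orders the zone before all storage instances without any `depends_on`, and the `lookup_private_dns_zone_name` flag and the data source are no longer needed.

```hcl
# ---- root module: create the shared zone and the per-VNet links exactly once ----

variable "private_dns_zone_resource_group_name" {
  type        = string
  description = "Resource group that owns the shared privatelink zone (assumption: a root-level input)."
}

resource "azurerm_private_dns_zone" "blob" {
  name                = "privatelink.blob.core.windows.net"
  resource_group_name = var.private_dns_zone_resource_group_name
}

# A zone may be linked to a given VNet only once, so deduplicate the VNet ids from all
# storage entries instead of creating a link per storage account.
resource "azurerm_private_dns_zone_virtual_network_link" "blob" {
  for_each              = toset([for s in var.storage : s.private_dns_zone_virtual_network_id])
  name                  = "${local.prefix}pdzvnl${substr(sha1(each.value), 0, 8)}" # hypothetical naming
  resource_group_name   = azurerm_private_dns_zone.blob.resource_group_name
  private_dns_zone_name = azurerm_private_dns_zone.blob.name
  virtual_network_id    = each.value
}

# Keyed by the entry's id rather than by list position, so removing entry "04" later
# does not renumber "05" and force a destroy/recreate of its storage account.
module "storage" {
  for_each = { for s in var.storage : s.id => s }
  source   = "../../../../modules/storage"

  storage_name                = join("", [local.prefix, "store", each.key])
  storage_resource_group_name = each.value.resource_group_name
  storage_location            = each.value.location
  account_replication_type    = try(each.value.account_replication_type, "GRS")
  tags                        = merge(try(each.value.tags, {}), local.tags)
  container_names             = try(each.value.container_names, [])
  virtual_network_subnet_ids  = try(each.value.virtual_network_subnet_ids, [])
  default_action              = try(each.value.default_action, "Deny") # keep the public network path closed

  pep_name                = join("", [local.prefix, "pepstore", each.key])
  pep_location            = each.value.location
  pep_resource_group_name = each.value.resource_group_name
  pep_subnet_id           = each.value.pep_subnet_id
  psc_name                = join("", [local.prefix, "pscstore", each.key])
  is_manual_connection    = false
  private_dns_group_name  = join("", [local.prefix, "dnsgroupstore", each.key])

  # The id reference is the ordering edge: every instance is planned after the zone exists.
  private_dns_zone_id = azurerm_private_dns_zone.blob.id

  depends_on = [module.resource_group]
}

# ---- modules/storage: consume the zone id; no zone, link or data source inside the module ----

variable "private_dns_zone_id" {
  type        = string
  description = "Id of the privatelink.blob.core.windows.net zone created by the root module."
}

resource "azurerm_private_endpoint" "main" {
  name                = var.pep_name
  location            = var.pep_location
  resource_group_name = var.pep_resource_group_name
  subnet_id           = var.pep_subnet_id

  private_service_connection {
    name                           = var.psc_name
    private_connection_resource_id = azurerm_storage_account.main.id
    subresource_names              = ["blob"]
    is_manual_connection           = var.is_manual_connection
  }

  private_dns_zone_group {
    name                 = var.private_dns_group_name
    private_dns_zone_ids = [var.private_dns_zone_id]
  }
}
```

With this layout the `lookup_private_dns_zone_name` key can be dropped from poc.tfvars.json entirely; the first and every later storage account are configured identically, and the only thing that differs per entry is the VNet that gets linked.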