如何更正使用 Terraform 创建 Azure NSG 时的此错误?
How to correct this error in creating Azure NSG with Terraform?
我正在尝试使用 Terraform 在 Azure 中创建 NSG。
Terraform 版本为 v0.15.2,提供商版本为 azurerm v2.61.0
这是我的 TF 文件中的一段代码。
resource "azurerm_network_security_group" "nsg" {
name = "SG"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = "*"
destination_address_prefixes = ["*"]
destination_port_range = "*"
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = "*"
source_address_prefixes = ["*"]
source_port_range = "22"
source_port_ranges = ["22"]
source_application_security_group_ids = [""]
destination_application_security_group_ids = [""]
}]
}
现在,当我 运行 terraform plan
& terraform apply
时,我得到的预期输出为:
* only one of "source_port_range" and "source_port_ranges" can be used per security rule
* only one of "destination_port_range" and "destination_port_ranges" can be used per security rule
* only one of "source_address_prefix" and "source_address_prefixes" can be used per security rule
* only one of "destination_address_prefix" and "destination_address_prefixes" can be used per security rule
现在,当我再次只保留 source_port_range, destination_port_range, source_address_prefix, destination_address_prefix
字段和 运行 terraform plan
时,会出现以下错误:
Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefixes",
│ "destination_port_ranges", "source_address_prefixes", and "source_port_ranges" are required.
如果我添加这些并删除较早的那些,我得到:
│ Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefix", "destination_port_range",
│ "source_address_prefix", and "source_port_range" are required.
为什么会发生这种情况以及如何解决这个问题?
更新
考虑了评论中提到的要点,并进行了一些更改以使其正常工作。
注意事项:
- 即使在文档中提到 Optional,Terraform 也需要 security_rule 块中的所有键。
- 此外,它不允许 Source/destination address_prefixes = ["*"] 这样。 Source/Destination address_prefix 完成了任务。
- 在未提及值的地方,应使用 [] 而不是 [""]
resource "azurerm_network_security_group" "nsg" {
name = "SG"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = "*"
destination_address_prefixes = []
destination_port_range = ""
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = "*"
source_address_prefixes = []
source_port_range = "*"
source_port_ranges = []
source_application_security_group_ids = []
destination_application_security_group_ids = []
}]
}
你能试试这个吗:
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = ""
destination_address_prefixes = ["*"]
destination_port_range = ""
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = ""
source_address_prefixes = ["*"]
source_port_range = ""
source_port_ranges = ["22"]
source_application_security_group_ids = []
destination_application_security_group_ids = []
}]
}
您在两个字段中定义值 - 即 Terraform 将只接受 destination_port_range
或 destination_port_ranges
之一,而不接受两者。其他属性也一样。
我正在尝试使用 Terraform 在 Azure 中创建 NSG。
Terraform 版本为 v0.15.2,提供商版本为 azurerm v2.61.0
这是我的 TF 文件中的一段代码。
resource "azurerm_network_security_group" "nsg" {
name = "SG"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = "*"
destination_address_prefixes = ["*"]
destination_port_range = "*"
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = "*"
source_address_prefixes = ["*"]
source_port_range = "22"
source_port_ranges = ["22"]
source_application_security_group_ids = [""]
destination_application_security_group_ids = [""]
}]
}
现在,当我 运行 terraform plan
& terraform apply
时,我得到的预期输出为:
* only one of "source_port_range" and "source_port_ranges" can be used per security rule
* only one of "destination_port_range" and "destination_port_ranges" can be used per security rule
* only one of "source_address_prefix" and "source_address_prefixes" can be used per security rule
* only one of "destination_address_prefix" and "destination_address_prefixes" can be used per security rule
现在,当我再次只保留 source_port_range, destination_port_range, source_address_prefix, destination_address_prefix
字段和 运行 terraform plan
时,会出现以下错误:
Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefixes",
│ "destination_port_ranges", "source_address_prefixes", and "source_port_ranges" are required.
如果我添加这些并删除较早的那些,我得到:
│ Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefix", "destination_port_range",
│ "source_address_prefix", and "source_port_range" are required.
为什么会发生这种情况以及如何解决这个问题?
更新
考虑了评论中提到的要点,并进行了一些更改以使其正常工作。
注意事项:
- 即使在文档中提到 Optional,Terraform 也需要 security_rule 块中的所有键。
- 此外,它不允许 Source/destination address_prefixes = ["*"] 这样。 Source/Destination address_prefix 完成了任务。
- 在未提及值的地方,应使用 [] 而不是 [""]
resource "azurerm_network_security_group" "nsg" {
name = "SG"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = "*"
destination_address_prefixes = []
destination_port_range = ""
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = "*"
source_address_prefixes = []
source_port_range = "*"
source_port_ranges = []
source_application_security_group_ids = []
destination_application_security_group_ids = []
}]
}
你能试试这个吗:
security_rule = [{
access = "Allow"
description = "SSH Rule"
destination_address_prefix = ""
destination_address_prefixes = ["*"]
destination_port_range = ""
destination_port_ranges = ["22"]
direction = "Inbound"
name = "SSH Rule"
priority = 100
protocol = "Tcp"
source_address_prefix = ""
source_address_prefixes = ["*"]
source_port_range = ""
source_port_ranges = ["22"]
source_application_security_group_ids = []
destination_application_security_group_ids = []
}]
}
您在两个字段中定义值 - 即 Terraform 将只接受 destination_port_range
或 destination_port_ranges
之一,而不接受两者。其他属性也一样。