如何更正使用 Terraform 创建 Azure NSG 时的此错误?

How to correct this error in creating Azure NSG with Terraform?

我正在尝试使用 Terraform 在 Azure 中创建 NSG。

Terraform 版本为 v0.15.2,提供商版本为 azurerm v2.61.0

这是我的 TF 文件中的一段代码。

  resource "azurerm_network_security_group" "nsg" {
  name                = "SG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name


  security_rule = [{
    access                                     = "Allow"
    description                                = "SSH Rule"
    destination_address_prefix                 = "*"
    destination_address_prefixes               = ["*"]
    destination_port_range                     = "*"
    destination_port_ranges                    = ["22"]
    direction                                  = "Inbound"
    name                                       = "SSH Rule"
    priority                                   = 100
    protocol                                   = "Tcp"
    source_address_prefix                      = "*"
    source_address_prefixes                    = ["*"]
    source_port_range                          = "22"
    source_port_ranges                         = ["22"]
    source_application_security_group_ids      = [""]
    destination_application_security_group_ids = [""]

  }]
}

现在,当我 运行 terraform plan & terraform apply 时,我得到的预期输出为:

* only one of "source_port_range" and "source_port_ranges" can be used per security rule
* only one of "destination_port_range" and "destination_port_ranges" can be used per security rule
* only one of "source_address_prefix" and "source_address_prefixes" can be used per security rule
* only one of "destination_address_prefix" and "destination_address_prefixes" can be used per security rule

现在,当我再次只保留 source_port_range, destination_port_range, source_address_prefix, destination_address_prefix 字段和 运行 terraform plan 时,会出现以下错误:

Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefixes",
│ "destination_port_ranges", "source_address_prefixes", and "source_port_ranges" are required.

如果我添加这些并删除较早的那些,我得到:

│ Inappropriate value for attribute "security_rule": element 0: attributes "destination_address_prefix", "destination_port_range",  
│ "source_address_prefix", and "source_port_range" are required.

为什么会发生这种情况以及如何解决这个问题?

更新

考虑了评论中提到的要点,并进行了一些更改以使其正常工作。

注意事项:

resource "azurerm_network_security_group" "nsg" {
  name                = "SG"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name


  security_rule = [{
    access                                     = "Allow"
    description                                = "SSH Rule"
    destination_address_prefix                 = "*"
    destination_address_prefixes               = []
    destination_port_range                     = ""
    destination_port_ranges                    = ["22"]
    direction                                  = "Inbound"
    name                                       = "SSH Rule"
    priority                                   = 100
    protocol                                   = "Tcp"
    source_address_prefix                      = "*"
    source_address_prefixes                    = []
    source_port_range                          = "*"
    source_port_ranges                         = []
    source_application_security_group_ids      = []
    destination_application_security_group_ids = []

  }]
}

你能试试这个吗:

  security_rule = [{
    access                                     = "Allow"
    description                                = "SSH Rule"
    destination_address_prefix                 = ""
    destination_address_prefixes               = ["*"]
    destination_port_range                     = ""
    destination_port_ranges                    = ["22"]
    direction                                  = "Inbound"
    name                                       = "SSH Rule"
    priority                                   = 100
    protocol                                   = "Tcp"
    source_address_prefix                      = ""
    source_address_prefixes                    = ["*"]
    source_port_range                          = ""
    source_port_ranges                         = ["22"]
    source_application_security_group_ids      = []
    destination_application_security_group_ids = []

  }]
}

您在两个字段中定义值 - 即 Terraform 将只接受 destination_port_rangedestination_port_ranges 之一,而不接受两者。其他属性也一样。