在 Terraform 中为 Azure 存储帐户创建事件订阅

Question

I am trying to create the following resources in Azure using Terraform and Terraform provider for Azure .我正在尝试使用Terraform和Terraform provider for Azure在 Azure 中创建以下资源。

Create a storage account for blob storage.为 blob 存储创建一个存储帐户。
Create an event subscription that will raise events on blob activity.创建将引发 Blob 活动事件的事件订阅。

When running the terraform scripts i get the following error运行 terraform 脚本时，出现以下错误

Error: Error creating/updating EventGrid Event Subscription "evtFileReceived" (Scope "/subscriptions/c17cf5ee-d3d7-4f64-b863-f2a4d6948594/resourceGroups/dominos-doodle"): eventgrid.EventSubscriptionsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidRequest" Message="The specified topic property does not match the expected topic from the event subscription scope."错误：创建/更新 EventGrid 事件订阅“evtFileReceived”时出错（范围“/subscriptions/c17cf5ee-d3d7-4f64-b863-f2a4d6948594/resourceGroups/dominos-doodle”）：eventgrid.EventSubscriptionsClient#CreateOrUpdate：发送请求失败：StatusCode - 原始错误：Code="InvalidRequest" Message="指定的主题属性与事件订阅范围中的预期主题不匹配。"

How shoud i fix it ?.我应该如何修复它？ Google search didn't gave any results.谷歌搜索没有给出任何结果。

The script that generated the error is as follows.产生错误的脚本如下。 The step that throwed the error is terraform apply抛出错误的步骤是terraform apply

Obviously one way is to use the ARM templates to achieve this, but i am trying to see if it can be created using native Terraform scripts.显然，一种方法是使用 ARM 模板来实现这一点，但我想看看它是否可以使用本机 Terraform 脚本创建。 I referred to Terraform Docs and created the following.我参考了Terraform Docs并创建了以下内容。

variable "inp_resource_group_name" { }
variable "inp_geo_location" { }
variable "inp_account_name" { }
variable "inp_az_subscription_id" { }
variable "inp_resource_group_id" { }

resource "azurerm_storage_account" "cave" {
  name                     = var.inp_account_name
  resource_group_name      = var.inp_resource_group_name
  location                 = var.inp_geo_location
  account_tier             = "Standard"
  account_replication_type = "LRS"
  account_kind             = "StorageV2"
}

resource "azurerm_storage_container" "validName" {
  name                  = validName"
  resource_group_name   = var.inp_resource_group_name
  storage_account_name  = var.inp_account_name
  container_access_type = "blob"
}

resource "azurerm_eventgrid_event_subscription" "evtFileReceived" {
  name  = "evtFileReceived"
  scope = var.inp_resource_group_id
  topic_name="/subscriptions/${var.inp_az_subscription_id}/resourceGroups/${var.inp_resource_group_name}/providers/Microsoft.Storage/storageAccounts/{var.inp_account_name}"
  webhook_endpoint {
    url = "https://myendpoint.that.works.well.across.all.osi.layers"
  }
}

Answer 1

According to the error message, it indicates that the topic_name property in resource azurerm_eventgrid_event_subscription does not match the expected topic from the event subscription scope .根据错误信息，表明资源azurerm_eventgrid_event_subscription中的topic_name属性与事件订阅范围中的预期主题不匹配。

In this case, the scope should be created at the storage account level as the topic is associated with a storage account resource.在这种情况下，应在存储帐户级别创建范围，因为主题与存储帐户资源相关联。 It will like this:它会像这样：

resource "azurerm_eventgrid_event_subscription" "evtFileReceived" {
  name  = "evtFileReceived"
  scope = ${azurerm_storage_account.cave.id}
  topic_name="/subscriptions/${var.inp_az_subscription_id}/resourceGroups/${var.inp_resource_group_name}/providers/Microsoft.Storage/storageAccounts/{azurerm_storage_account.cave.name}"
  webhook_endpoint {
    url = "https://myendpoint.that.works.well.across.all.osi.layers"
  }
}

Or, refer to this GitHub issue , you could use the scope with the id of the eventgrid topic.或者，参考此GitHub 问题，您可以使用带有 eventgrid 主题 ID 的范围。

Realized that the resource group in this case is an art from a topic type to subscribe and not a reference where to create the subscription resource.意识到这种情况下的资源组是从主题类型订阅的艺术，而不是创建订阅资源的参考。 It seems that "topic_name" and "resource_group_name" are deprecated parameters.似乎“topic_name”和“resource_group_name”是不推荐使用的参数。 Use "scope" instead with the id of the eventgrid topic.使用“范围”代替 eventgrid 主题的 id。

It will like this:它会像这样：

resource "azurerm_eventgrid_topic" "example" {
  name                = "my-eventgrid-topic"
  location            = "${azurerm_resource_group.default.location}"
  resource_group_name = "${azurerm_resource_group.default.name}"

}

resource "azurerm_eventgrid_event_subscription" "evtFileReceived" {
  name  = "evtFileReceived"
  scope = "${azurerm_eventgrid_topic.example.id}"

 webhook_endpoint {
        url = "https://myendpoint.that.works.well.across.all.osi.layers"
      }

}

Please let me know if this works or need further help.请让我知道这是否有效或需要进一步的帮助。

Answer 2

I had a similar issue and solved it by setting both the scope and topic_name to the storage account id.我有一个类似的问题，并通过将 scope 和 topic_name 设置为存储帐户 ID 来解决它。 So in your example, I think this should work;所以在你的例子中，我认为这应该有效；

resource "azurerm_eventgrid_event_subscription" "evtFileReceived" {
  name  = "evtFileReceived"
  scope = azurerm_storage_account.cave.id
  topic_name = azurerm_storage_account.cave.id
  webhook_endpoint {
    url = "https://myendpoint.that.works.well.across.all.osi.layers"
  }
}

在 Terraform 中为 Azure 存储帐户创建事件订阅

问题描述

2 个解决方案

解决方案1
1 2020-01-13 07:54:10

解决方案2
1 2020-01-24 20:18:10

在 Terraform 中为 Azure 存储帐户创建事件订阅

问题描述

2 个解决方案

解决方案1 1 2020-01-13 07:54:10

解决方案2 1 2020-01-24 20:18:10

解决方案1
1 2020-01-13 07:54:10

解决方案2
1 2020-01-24 20:18:10