[英]Issue creating Azure Firewall using Terraform HCL
当我尝试使用 Terraform HCL 创建防火墙时,我收到以下错误消息。 只是关于#{variables}# 的注释,我通过 Azure DevOps 传递令牌,并且该部分工作正常:
#Create public ip for load balancer
resource "azurerm_public_ip" "#{application}##{vertical}#PublicIPforLB" {
name = "lbip#{application}##{vertical}#"
location = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.location
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
allocation_method = "Static"
#sku = "Standard"
}
#Create firewall for public ip
resource "azurerm_firewall" "#{application}##{vertical}#Firewall" {
name = "fw#{application}##{vertical}#"
location = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.location
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
ip_configuration {
name = "ipconfFW"
subnet_id = azurerm_subnet.AzureFirewallSubnet.id
public_ip_address_id = azurerm_public_ip.#{application}##{vertical}#PublicIPforLB.id
}
}
#Create security group and rule for accessing web application
resource "azurerm_network_security_group" "#{application}##{vertical}#SecurityGroup" {
name = "sg#{application}##{vertical}#"
location = "canadaeast"
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
security_rule {
name = "SSH"
priority = 1001
direction = "Inbound"
access = "Allow"
protocol = "Tcp"
source_port_range = "*"
destination_port_range = "443"
source_address_prefix = "*"
destination_address_prefix = "*"
}
}
#Create load balancer for 2 front-end web server VMs
resource "azurerm_lb" "#{application}##{vertical}#LoadBalancer" {
name = "lb#{application}##{vertical}#"
location = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.location
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
frontend_ip_configuration {
name = "ipconfLB"
public_ip_address_id = azurerm_public_ip.#{application}##{vertical}#PublicIPforLB.id
}
}
错误:Code="AzureFirewallPublicIPNotStandard" Message="AzureFirewall fwMyTest 引用了非标准公共 IP 地址
我尝试将 sku 指定为标准; 但是我收到以下错误:
错误:Code="PublicIPAndLBSkuDoNotMatch" Message="Basic sku load balancer cannot reference Standard sku publicIP
任何帮助将不胜感激!!
谢谢!! :)
我建议查看当前在 PublicIp 上设置的 SKU。 Azure 希望来自 LB 的 SKU 与您尝试使用的 PublicIP 资源的 SKU(在本例中为“标准”)相匹配。 目前已为 PublicIp 注释掉。 PublicIp 和 LB 默认为“基本”sku。
#Create public ip for load balancer
resource "azurerm_public_ip" "#{application}##{vertical}#PublicIPforLB" {
name = "lbip#{application}##{vertical}#"
location = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.location
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
allocation_method = "Static"
sku = "Standard"
}
和
#Create load balancer for 2 front-end web server VMs
resource "azurerm_lb" "#{application}##{vertical}#LoadBalancer" {
name = "lb#{application}##{vertical}#"
location = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.location
resource_group_name = azurerm_resource_group.#{application}##{vertical}#ResourceGroup.name
sku = "Standard"
frontend_ip_configuration {
name = "ipconfLB"
public_ip_address_id = azurerm_public_ip.#{application}##{vertical}#PublicIPforLB.id
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.