Terraform Azure 网络安全
Terraform Azure network security
我正在尝试通过具有多个源地址的 Terraform 为 Azure 中的网络安全组配置网络安全规则。
基于文档
https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html
但是,我无法让它工作,也找不到任何示例:
https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html#source_address_prefixes
我收到错误:
错误:azurerm_network_security_rule.test0:"source_address_prefix":未设置必填字段
错误:azurerm_network_security_rule.test0: :无效或未知密钥:source_address_prefixes
这是我的示例:
resource "azurerm_network_security_rule" "test0" {
name = "RDP"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "TCP"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefixes = "{200.160.200.30,200.160.200.60}"
destination_address_prefix = "VirtualNetwork"
network_security_group_name= "${azurerm_network_security_group.test.name}"
resource_group_name = "${azurerm_resource_group.test.name}"
}
请告诉我。
谢谢!
"address_prefix" 是表示 CIDR 的字符串值,例如10.0.0.0/24。所以在你的情况下 source_address_prefix = "200.160.200.30/32" 和 destination_address_prefix = "${azurerm_virtual_network.test.address_space.0}" 取决于你想指的是什么。
source_address_prefixes 需要源地址前缀列表。
修改如下:
source_address_prefixes = ["200.160.200.30","200.160.200.60"]
azurerm_network_security_group.test.name也有错误,正确的类型是azurerm_network_security_group.test0.name。以下 tf 文件适合我。
resource "azurerm_resource_group" "test0" {
name = "shuinsg"
location = "West US"
}
resource "azurerm_network_security_group" "test0" {
name = "shuinsgtest"
location = "${azurerm_resource_group.test0.location}"
resource_group_name = "${azurerm_resource_group.test0.name}"
}
resource "azurerm_network_security_rule" "test0" {
name = "RDP"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "TCP"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefixes = ["200.160.200.30","200.160.200.60"]
destination_address_prefix = "VirtualNetwork"
network_security_group_name= "${azurerm_network_security_group.test0.name}"
resource_group_name = "${azurerm_resource_group.test0.name}"
}
这是我的测试结果。
我正在尝试通过具有多个源地址的 Terraform 为 Azure 中的网络安全组配置网络安全规则。
基于文档 https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html
但是,我无法让它工作,也找不到任何示例:
https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html#source_address_prefixes
我收到错误:
错误:azurerm_network_security_rule.test0:"source_address_prefix":未设置必填字段 错误:azurerm_network_security_rule.test0: :无效或未知密钥:source_address_prefixes
这是我的示例:
resource "azurerm_network_security_rule" "test0" {
name = "RDP"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "TCP"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefixes = "{200.160.200.30,200.160.200.60}"
destination_address_prefix = "VirtualNetwork"
network_security_group_name= "${azurerm_network_security_group.test.name}"
resource_group_name = "${azurerm_resource_group.test.name}"
}
请告诉我。
谢谢!
"address_prefix" 是表示 CIDR 的字符串值,例如10.0.0.0/24。所以在你的情况下 source_address_prefix = "200.160.200.30/32" 和 destination_address_prefix = "${azurerm_virtual_network.test.address_space.0}" 取决于你想指的是什么。
source_address_prefixes 需要源地址前缀列表。
修改如下:
source_address_prefixes = ["200.160.200.30","200.160.200.60"]
azurerm_network_security_group.test.name也有错误,正确的类型是azurerm_network_security_group.test0.name。以下 tf 文件适合我。
resource "azurerm_resource_group" "test0" {
name = "shuinsg"
location = "West US"
}
resource "azurerm_network_security_group" "test0" {
name = "shuinsgtest"
location = "${azurerm_resource_group.test0.location}"
resource_group_name = "${azurerm_resource_group.test0.name}"
}
resource "azurerm_network_security_rule" "test0" {
name = "RDP"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = "TCP"
source_port_range = "*"
destination_port_range = "3389"
source_address_prefixes = ["200.160.200.30","200.160.200.60"]
destination_address_prefix = "VirtualNetwork"
network_security_group_name= "${azurerm_network_security_group.test0.name}"
resource_group_name = "${azurerm_resource_group.test0.name}"
}
这是我的测试结果。