无法在 terraform 中为 FrontDoor 设置最低 TLS 版本
Cannot set a minimum TLS version for FrontDoor in terraform
我正在使用 terraform 1.44。当我尝试 运行 时:
resource "azurerm_frontdoor" "frontdoor" {
name = "my-fd"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
enforce_backend_pools_certificate_name_check = false
routing_rule {
.....
}
backend_pool_load_balancing {
......
}
backend_pool_health_probe {
.....
}
backend_pool {
.......
}
frontend_endpoint {
name = "myFrontendEndpoint"
host_name = "my-custom.hostname.com"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "FrontDoor"
minimum_tls_version = "1.2"
}
}
}
失败
Error:
"frontend_endpoint.custom_https_configuration.minimum_tls_version":
this field cannot be set
根据 this GitHub 问题应该已经解决了,但是文档 link 已损坏...在当前文档中没有提及此字段...
如何创建这个前端?如果不设置 minimum_tls_version,它会出错
Error enabling Custom Domain HTTPS for Frontend Endpoint: frontdoor.FrontendEndpointsClient#EnableHTTPS: Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest" Message="\"minimumTlsVersion\" is a mandatory parameter."
来自 Azure front door SSL configuration、
All Front Door profiles created after September 2019 use TLS 1.2 as
the default minimum.
Front Door supports TLS versions 1.0, 1.1 and 1.2. TLS 1.3 is not yet
supported.
从 terraform document 开始,属性 minimum_tls_version 只能从 custom_https_configuration 块导出。它不能像参数引用一样设置。
例如,
....
frontend_endpoint {
name = "exampleFrontendEndpoint1"
host_name = "example-FrontDoor.azurefd.net"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "FrontDoor"
}
}
}
output "minimum_tls_version" {
value = "${azurerm_frontdoor.example.frontend_endpoint[0].custom_https_configuration[0].minimum_tls_version}"
}
我正在使用 terraform 1.44。当我尝试 运行 时:
resource "azurerm_frontdoor" "frontdoor" {
name = "my-fd"
location = "${azurerm_resource_group.default.location}"
resource_group_name = "${azurerm_resource_group.default.name}"
enforce_backend_pools_certificate_name_check = false
routing_rule {
.....
}
backend_pool_load_balancing {
......
}
backend_pool_health_probe {
.....
}
backend_pool {
.......
}
frontend_endpoint {
name = "myFrontendEndpoint"
host_name = "my-custom.hostname.com"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "FrontDoor"
minimum_tls_version = "1.2"
}
}
}
失败
Error: "frontend_endpoint.custom_https_configuration.minimum_tls_version": this field cannot be set
根据 this GitHub 问题应该已经解决了,但是文档 link 已损坏...在当前文档中没有提及此字段...
如何创建这个前端?如果不设置 minimum_tls_version,它会出错
Error enabling Custom Domain HTTPS for Frontend Endpoint: frontdoor.FrontendEndpointsClient#EnableHTTPS: Failure sending request: StatusCode=400 -- Original Error: Code="BadRequest" Message="\"minimumTlsVersion\" is a mandatory parameter."
来自 Azure front door SSL configuration、
All Front Door profiles created after September 2019 use TLS 1.2 as the default minimum.
Front Door supports TLS versions 1.0, 1.1 and 1.2. TLS 1.3 is not yet supported.
从 terraform document 开始,属性 minimum_tls_version 只能从 custom_https_configuration 块导出。它不能像参数引用一样设置。
例如,
....
frontend_endpoint {
name = "exampleFrontendEndpoint1"
host_name = "example-FrontDoor.azurefd.net"
custom_https_provisioning_enabled = true
custom_https_configuration {
certificate_source = "FrontDoor"
}
}
}
output "minimum_tls_version" {
value = "${azurerm_frontdoor.example.frontend_endpoint[0].custom_https_configuration[0].minimum_tls_version}"
}