azure - Terraform azurerm_data_factory vsts_configuration 失败，错误为 : Error configuring Repository for Data Factory

Question

我正在尝试使用 Terraform 在 Azure 数据工厂中设置代码存储库，并通过 Azure Cloud Shell 进行部署，并具有贡献者访问权限，如下所示:https://www.terraform.io/docs/providers/azurerm/r/data_factory.html#vsts_configuration

我收到错误消息:

Error: Error configuring Repository for Data Factory "adf-name" (Resource Group "rg-name"): datafactory.FactoriesClient#ConfigureFactoryRepo: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthorizationFailed" Message="The client '[email protected]' with object id 'xxxxx' does not have authorization to perform action 'Microsoft.DataFactory/locations/configureFactoryRepo/action' over scope '/subscriptions/xxxxxx' or the scope is invalid. If access was recently granted, please refresh your credentials.

我已经降低了客户端、对象 ID 和范围的敏感度。

我可以在门户中设置代码存储库，但当我尝试在 Azure Cloud Shell 中运行 terraform 时失败。有人以前见过这个错误消息或者知道如何克服它吗？

代码片段:

`provider "azurerm" {
  version = "=2.3.0"
  features {}
}
resource "azurerm_data_factory" "example" {
  name                = var.adf_name
  location            = var.location
  resource_group_name = var.rg_name
  vsts_configuration {
    account_name      = var.account_name
    branch_name       = var.branch_name
    project_name      = var.project_name
    repository_name   = var.repo_name
    root_folder       = var.root_folder
    tenant_id         = var.tenant_id
  }
}`

Answer 1

必须为操作“Microsoft.DataFactory/locations/configureFactoryRepo/action”添加自定义角色并将其分配给服务主体。贡献者角色本身不足以使用 Terraform azurerm 设置 Azure 数据工厂的代码存储库。