azure - Error when trying to run Terraform Apply, web app authentication error

Tags: azure terraform azure-web-app-service terraform-provider-azure

I am getting the following error when trying to run Terraform Apply.

Error: updating Authentication Settings for App Service "app-cont-sa-fe-predev-cus-bb2e": web.AppsClient#UpdateAuthSettings: Failure responding to request: StatusCode=400 -- Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" Message="Cannot execute the request for site app-cont-sa-fe-predev-cus-bb2e because the site is running on auth version v2." Details=[{"Message":"Cannot execute the request for site app-cont-sa-fe-predev-cus-bb2e because the site is running on auth version v2."},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"04534","Message":"Cannot execute the request for site app-cont-sa-fe-predev-cus-bb2e because the site is running on auth version v2.","MessageTemplate":"Cannot execute the request for site {0} because the site is running on auth version {1}.","Parameters":["app-cont-sa-fe-predev-cus-bb2e","v2"]}}]
    │ 
    │   with azurerm_app_service.fe,
    │   on resources.app.tf line 59, in resource "azurerm_app_service" "fe":
    │   59: resource "azurerm_app_service" "fe" {

Can anyone tell me what I need to change in the resource block below so that I don't get the error? Thanks

resource "azurerm_app_service" "fe" {
  location            = module.resourcegroup.resource_group.location
  resource_group_name = module.resourcegroup.resource_group.name
  tags                = module.resourcegroup.resource_group.tags
  app_service_plan_id = azurerm_app_service_plan.default.id
  name                = module.names-web-app-fe.location.app_service.name_unique
  identity { type = "SystemAssigned" }
  auth_settings {
    enabled                       = true
    default_provider              = "AzureActiveDirectory"
    issuer                        = format("https://sts.windows.net/%s/", data.azurerm_client_config.default.tenant_id)
    runtime_version               = "~1"
    token_store_enabled           = true
    unauthenticated_client_action = "RedirectToLoginPage"
    additional_login_params = {
      "response_type" = "code id_token",
      "resource"      = azuread_application.app-fe.application_id
    }
    active_directory {
      client_id         = azuread_application.app-fe.object_id
      client_secret     = azuread_application_password.fe-app-sp-secret.application_object_id
      allowed_audiences = [format("https://%s.azurewebsites.net", module.names-web-app-fe.location.app_service.name_unique)]
    }
  }
  site_config {
    always_on                = true
    app_command_line         = ""
    default_documents        = []
    dotnet_framework_version = "v4.0"
    ftps_state               = "Disabled"
    health_check_path        = ""
    http2_enabled            = true
    linux_fx_version         = "STATICSITE|1.0"
    local_mysql_enabled      = false
    managed_pipeline_mode    = "Integrated"
    min_tls_version          = "1.2"
    #pre_warmed_instance_count = 0
    python_version            = "3.4"
    remote_debugging_enabled  = false
    remote_debugging_version  = "VS2019"
    use_32_bit_worker_process = false
    websockets_enabled        = false
    windows_fx_version        = ""
    cors {
      allowed_origins     = []
      support_credentials = false
    }
  }
  app_settings = {
    "WEBSITE_DNS_SERVER"     = "168.63.129.16"
    "WEBSITE_VNET_ROUTE_ALL" = "1"
  }
}

I guess something changed on the Azure side with respect to authentication, which is why I am getting this error.

Best answer

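Terraform uses Auth V1 settings rather than Auth V2 settings for the web app. Currently only Azure CLI cmdlets and ARM Templates allow configuring auth_settings_v2. This might be available in the upcoming version of the azurerm provider, i.e. v3.0.0, as mentioned in Feature Details: New Data Sources/Resources for App Service and Function Apps.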

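As for the error you are getting, I tried creating an app service in Azure using code similar to yours. It did not give any error on the initial creation, but after I went to the portal and, under the authentication settings, upgraded the authentication settings to v2, I started getting the same error when trying to update the app from terraform, as shown below: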


To avoid this error, if you are using terraform to create and manage the web app, do not upgrade the web authentication settings.
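For triaging this failure in CI logs, the following added example (not part of the original answer, and not Terraform or azurerm code) parses the `Details=[...]` JSON in the provider error and reports which site and auth version the service rejected. The function names and the shortened sample string are assumptions, constructed from the error quoted in the question.

```python
import json
import re

# Shortened copy of the provider error quoted in the question (constructed sample).
SAMPLE_ERROR = (
    'Error: updating Authentication Settings for App Service "app-cont-sa-fe-predev-cus-bb2e": '
    'web.AppsClient#UpdateAuthSettings: Failure responding to request: StatusCode=400 -- '
    'Original Error: autorest/azure: Service returned an error. Status=400 Code="BadRequest" '
    'Message="Cannot execute the request for site app-cont-sa-fe-predev-cus-bb2e because the '
    'site is running on auth version v2." Details=[{"Message":"Cannot execute the request"},'
    '{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"04534",'
    '"MessageTemplate":"Cannot execute the request for site {0} because the site is running '
    'on auth version {1}.","Parameters":["app-cont-sa-fe-predev-cus-bb2e","v2"]}}]'
)

AUTH_TEMPLATE = "because the site is running on auth version {1}"


def parse_details(error_text):
    """Return the JSON list that follows 'Details=' in an autorest error, or []."""
    marker = error_text.find("Details=[")
    if marker == -1:
        return []
    try:
        # raw_decode stops at the end of the JSON value and ignores trailing log text.
        details, _ = json.JSONDecoder().raw_decode(error_text, marker + len("Details="))
    except json.JSONDecodeError:
        return []
    return details if isinstance(details, list) else []


def find_auth_version_conflict(error_text):
    """Return {'site', 'version', 'operation'} for an auth-version rejection, else None."""
    for item in parse_details(error_text):
        entity = item.get("ErrorEntity") if isinstance(item, dict) else None
        if not isinstance(entity, dict):
            continue
        params = entity.get("Parameters") or []
        if AUTH_TEMPLATE in entity.get("MessageTemplate", "") and len(params) >= 2:
            op = re.search(r"web\.AppsClient#(\w+)", error_text)
            return {"site": params[0], "version": params[1],
                    "operation": op.group(1) if op else None}
    return None


if __name__ == "__main__":
    print(find_auth_version_conflict(SAMPLE_ERROR))
```

A hit with `version` set to `v2` and `operation` set to `UpdateAuthSettings` means the site's authentication settings were upgraded outside Terraform, which is the situation the answer describes. If the log wraps the error across several lines, join them before parsing.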


Regarding "azure - Error when trying to run Terraform Apply, web app authentication error", we found a similar question on Stack Overflow: https://stackoverflow.com/questions/71028835/
