# Create logic app workflow
resource "azurerm_logic_app_workflow" "workflw" {
name = "devtest-workflw"
location = azurerm_resource_group.logic.location
resource_group_name = azurerm_resource_group.logic.name
}
# Create a storage account
module "storage_account" {
source = "../.."
version = "2.0.0"
resource_group_name = azurerm_resource_group.logic.name
resource_group_location = var.region
environment = "dev"
product = "demo"
virtual_network_subnet_ids = [module.subnet_services.subnet_id]
account_tier = "Standard"
account_kind = "StorageV2"
account_replication_type = "ZRS"
file_private_dns_zone_name = "privatelink.file.core.windows.net"
private_dns_zone_resource_group_name = "hub-privatedns-rg"
storage_account_file_private_dns_zone_id = var.storage_account_file_private_dns_zone_id
use_file_private_endpoint = true
private_endpoint_subnet_id = module.subnet_services.subnet_id
tags = local.tags
ip_rules = ["0.0.0.0 ", "0.0.0.0 "]
}
resource "azurerm_storage_share" "share" {
name = "devtest-share"
storage_account_name = module.storage_account.name
quota = 50
}
resource "azurerm_logic_app_standard" "standard" {
name = "dev-logicstand"
location = azurerm_resource_group.logic.location
resource_group_name = azurerm_resource_group.logic.name
app_service_plan_id = azurerm_service_plan.aseasp.id
storage_account_name = module.storage_account.name
storage_account_access_key = module.storage_account.primary_access_key
}
resource "azurerm_app_service_virtual_network_swift_connection"
"swift_connect" {
app_service_id = azurerm_linux_web_app.as.id
subnet_id = module.subnet_services.subnet_id
}
错误:创建逻辑应用标准:(站点名称“dev-logicstand”/资源组“dev-logicapp-rg”):web.AppsClient#CreateOrUpdate:发送请求失败:StatusCode=400 -- 原始错误:Code= “BadRequest”消息=“创建存储文件共享失败,原因是:‘远程服务器返回错误:(403) 禁止。’。请检查存储帐户是否可访问。”详细信息=[{"Message":"创建存储文件共享失败,原因是:'远程服务器返回错误:(403) 禁止。'。请检查存储帐户是否可访问。"},{"Code":"BadRequest"},{"ErrorEntity":{"Code":"BadRequest","ExtendedCode":"99022","Message":"创建存储文件共享失败:'远程服务器返回错误:(403)禁止。'。请检查存储帐户是否可访问。","MessageTemplate":"创建存储文件共享失败,原因:'{0}'。请检查存储帐户是否可访问。","Parameters":[ “远程服务器返回错误:(403) 禁止。”]}}]
在 LogicApp.tf 第 48 行,资源“azurerm_logic_app_standard”“standard”中: 48:资源“azurerm_logic_app_standard”“标准”{
最佳答案
• 您收到此错误是因为从配置来看,您似乎想要创建存储帐户的专用终结点并通过逻辑应用工作区访问其中的文件共享以存储或从中提取数据通过在私有(private) DNS 区域中创建的私有(private)链接配置安全地实现。因此,您必须确保您的存储帐户和部署的逻辑应用位于同一区域,以便链接到存储帐户的专用端点能够通过 terraform IaaC 有效部署。。 p>
• 因此,首先应创建存储帐户及其中托管的固有文件共享,然后仅应配置存储帐户的专用端点以从文件的存储帐户创建分享。在当前的 terraform IaaC 代码中,在部署存储帐户的同时执行私有(private)链接创建,因此无法通过私有(private)终结点创建私有(private)链接。因此,您在文件共享的可访问性方面遇到的错误是因为它正在创建中。
有关更多详细信息,请参阅以下 terraform 文档链接:-
<强> https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/private_endpoint
关于azure - Message="创建存储文件共享失败,错误为 : The remote server returned an error: (403) Forbidden. 检查存储帐户是否可访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/73160030/