我的计划是允许协议(protocol) ICMP 和 TCP 使用相同的安全规则,但我遇到了与“属性值类型”相关的问题
我的 Terraform 代码:
resource "azurerm_network_security_group" "example" {
name = "01-tf-SG"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
security_rule {
name = "test123"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = **["Icmp", "Tcp"]** ---> iT FAILS!!!
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "172.16.25.10/32"
destination_address_prefix = "10.0.1.10/32"
}
我在 terraform 存储库中没有找到任何示例:https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/network_security_rule
能够在同一安全规则协议(protocol)字段上使用多个协议(protocol)。
最佳答案
正如Mark B在他的回答中列出的那样,您无法提供协议(protocol)列表。但是您可以使用 dynamic block因此它会创建两个规则,而不必单独定义它们并复制代码
resource "azurerm_network_security_group" "example" {
name = "01-tf-SG"
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
dynamic "security_rule" {
for_each = toset(["Icmp", "Tcp"])
content {
name = "test123"
priority = 100
direction = "Inbound"
access = "Allow"
protocol = security_rule.value
source_port_range = "*"
destination_port_range = "*"
source_address_prefix = "172.16.25.10/32"
destination_address_prefix = "10.0.1.10/32"
}
}
}
关于azure - 如何使用 Azure 中的 Terraform 创建具有多个协议(protocol)的安全规则?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/74494380/