azure - Unsupported argument when creating an Azure VPN gateway

Tags: azure terraform terraform-provider-azure azure-rm

Goal: trying to create an Azure VPN gateway with the AAD authentication type using Terraform

The code I am using: Azure Rm version: 2.99, Main.tf

resource "azurerm_virtual_network_gateway" "vpn-gw" {
  name = "vng-${var.env}-we"
  location = azurerm_resource_group.rg[0].location
  resource_group_name = azurerm_resource_group.rg[0].name
  type = "Vpn"
  vpn_type = "RouteBased"
  active_active = true
  enable_bgp = false
  sku = "VpnGw1AZ"
  ip_configuration {
    name = "vnetGatewayConfig"
    public_ip_address_id = azurerm_public_ip.vpn-gateway-ip.id    
    private_ip_address_allocation = "Dynamic"
    subnet_id = azurerm_subnet.gw_snet[0].id
  }
  ip_configuration {
    name = "vnetGatewayConfig1"
    public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-secondary.id
    private_ip_address_allocation = "Dynamic"
    subnet_id = azurerm_subnet.gw_snet[0].id
  }
  ip_configuration {
    name = "vnetGatewayConfig2"
    public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-vpn.id
    private_ip_address_allocation = "Dynamic"
    subnet_id = azurerm_subnet.gw_snet[0].id
  }
  vpn_client_configuration {
    address_space = ["xx.xxx.xx/24"]
    vpn_authentication_types = ["AAD"]
    tenant_uri = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxx"
    audience_id = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
    aad_issuer_uri = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
  }
}

I am getting the error:

Error: Unsupported argument
│ 
│   on main.tf line 834, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│  834:     vpn_authentication_types = ["AAD"]
│ 
│ An argument named "vpn_authentication_types" is not expected here.
╵
╷
│ Error: Unsupported argument
│ 
│   on main.tf line 835, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│  835:     tenant_uri = "https://login.microsoftonline.com/************************************"
│ 
│ An argument named "tenant_uri" is not expected here.
╵
╷
│ Error: Unsupported argument
│ 
│   on main.tf line 836, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│  836:     audience_id = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
│ 
│ An argument named "audience_id" is not expected here.

Reference documentation:

https://github.com/hashicorp/terraform-provider-azurerm/issues/5079

Please help resolve this issue

Best answer

You are using azurerm version 2.99, so you should use the relevant Terraform azurerm documentation.

Your error may be resolved if you use the following:

  • vpn_auth_types instead of vpn_authentication_types

  • aad_tenant instead of tenant_uri

  • aad_audience instead of audience_id

  • aad_issuer instead of aad_issuer_uri

    resource "azurerm_virtual_network_gateway" "vpn-gw" {
       name = "vng-${var.env}-we"
       location = azurerm_resource_group.rg[0].location
       resource_group_name = azurerm_resource_group.rg[0].name
       type = "Vpn"
       vpn_type = "RouteBased"
       active_active = true
       enable_bgp = false
       sku = "VpnGw1AZ"
       ip_configuration {
         name = "vnetGatewayConfig"
         public_ip_address_id = azurerm_public_ip.vpn-gateway-ip.id    
         private_ip_address_allocation = "Dynamic"
         subnet_id = azurerm_subnet.gw_snet[0].id
       }
       ip_configuration {
         name = "vnetGatewayConfig1"
         public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-secondary.id
         private_ip_address_allocation = "Dynamic"
         subnet_id = azurerm_subnet.gw_snet[0].id
       }
       ip_configuration {
         name = "vnetGatewayConfig2"
         public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-vpn.id
         private_ip_address_allocation = "Dynamic"
         subnet_id = azurerm_subnet.gw_snet[0].id
       }
       vpn_client_configuration {
         address_space = ["xx.xxx.xx/24"]
         vpn_auth_types = ["AAD"]
         aad_tenant = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxx"
         aad_audience = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
         aad_issuer = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
       }
     }
    

Regarding azure - Unsupported argument when creating an Azure VPN gateway, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/73334143/
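The four renames from the answer can be checked before `terraform plan` with a small script that also compares the tenant ID at the end of `aad_tenant` and `aad_issuer`. This is an added example, not part of the original question or answer; the function names, the tenant-ID comparison and the placeholder tenant ID in the sample are assumptions of the example.

```python
import re

# Renames from the answer above: name used in the question -> azurerm 2.99 name.
RENAMES = {
    "vpn_authentication_types": "vpn_auth_types",
    "tenant_uri": "aad_tenant",
    "audience_id": "aad_audience",
    "aad_issuer_uri": "aad_issuer",
}

def block_body(hcl, name):
    """Text between the braces of the first `name { ... }` block, or None."""
    m = re.search(rf"\b{re.escape(name)}\s*\{{", hcl)
    if not m:
        return None
    depth, i = 1, m.end()
    while i < len(hcl) and depth:  # count braces so nested blocks and ${...} stay inside
        depth += {"{": 1, "}": -1}.get(hcl[i], 0)
        i += 1
    return hcl[m.end():i - 1] if depth == 0 else None

def tenant_id(value):
    """Last path segment of a quoted URL; assumes the URL ends in the tenant ID."""
    return value.strip('"').rstrip("/").rsplit("/", 1)[-1].lower()

def lint(hcl):
    """Findings for the vpn_client_configuration block in the text of a .tf file."""
    body = block_body(hcl, "vpn_client_configuration")
    if body is None:
        return ["no vpn_client_configuration block found"]
    args = dict(re.findall(r"^\s*(\w+)\s*=\s*(.+?)\s*$", body, re.M))
    out = [f"{old}: not accepted by azurerm 2.99, use {new}"
           for old, new in RENAMES.items() if old in args]
    if '"AAD"' in args.get("vpn_auth_types", "") and {"aad_tenant", "aad_issuer"} <= args.keys():
        # Assumption of this example: both URLs end in the same tenant ID.
        if tenant_id(args["aad_tenant"]) != tenant_id(args["aad_issuer"]):
            out.append("aad_tenant and aad_issuer end in different tenant IDs")
    return out

# Constructed sample: the question's block with a placeholder tenant ID.
SAMPLE = '''
  vpn_client_configuration {
    vpn_authentication_types = ["AAD"]
    tenant_uri = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000001"
    audience_id = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
    aad_issuer_uri = "https://sts.windows.net/00000000-0000-0000-0000-000000000001"
  }
'''
print("\n".join(lint(SAMPLE)))
```

Run against the question's block it reports the four renames; against the answer's block it reports nothing unless the two URLs point at different tenants.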