【发布时间】:2022-02-02 19:56:31
【问题描述】:
您好,我正在尝试在子网中创建服务延迟
这是我的 main.tf 代码
data "azurerm_resource_group" "resourcegroup" {
for_each = var.subnet
name = each.value["resource_group_name"]
}
data "azurerm_virtual_network" "vnet" {
for_each = var.subnet
name = each.value["virtual_network_name"]
resource_group_name = each.value["resource_group_name"]
}
resource "azurerm_subnet" "snet" {
for_each = var.subnet
name = each.value["name"]
resource_group_name = each.value["resource_group_name"] #"${azurerm_resource_group.rg.name}"
virtual_network_name = each.value["virtual_network_name"]
address_prefixes = each.value["address_prefixes"]
enforce_private_link_endpoint_network_policies = each.value["endpoint_network_policies"]
enforce_private_link_service_network_policies = each.value["service_network_policies"]
dynamic "delegation" {
for_each = var.delegation != null ? var.delegation : []
content {
name = lookup(delegation.value, "name", null)
service_delegation {
name = lookup(delegation.value.service_delegation, "name", null)
actions = lookup(delegation.value.service_delegation, "actions", null)
}
}
}
}
当我使用现有子网为其运行计划并创建新子网时,计划会显示“无更改”,因为它无法检测到服务委托更改
请帮帮我
subnet = {
snet1 = {
name = "Practicerg1-snet1"
resource_group_name = "Practicerg1"
virtual_network_name = "Practicerg1-vnet"
address_prefixes = ["10.2.0.0/24"]
endpoint_network_policies = true
service_network_policies = true
delegation = {
name = "snet1delegation"
service_delegation = {
name = "Microsoft.ContainerInstance/containerGroups"
actions = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
}
}
}
snet2 = {
name = "Practicerg3-snet1"
resource_group_name = "Practicerg3"
virtual_network_name = "Practicerg3-vnet"
address_prefixes = ["10.4.0.0/24"]
endpoint_network_policies = true
service_network_policies = true
delegation = {
name = "snet1delegation"
service_delegation = {
name = "Microsoft.ContainerInstance/containerGroups"
actions = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
}
}
}
snet3 = {
name = "Practicerg2-snet1"
resource_group_name = "Practicerg2"
virtual_network_name = "Practicerg2-vnet"
address_prefixes = ["10.3.0.0/24"]
endpoint_network_policies = true
service_network_policies = true
delegation = {
name = "snet1delegation"
service_delegation = {
name = "Microsoft.ContainerInstance/containerGroups"
actions = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
}
}
}
snet4 = {
name = "Practicerg2-snet2"
resource_group_name = "Practicerg2"
virtual_network_name = "Practicerg2-vnet"
address_prefixes = ["10.3.1.0/27"]
endpoint_network_policies = true
service_network_policies = true
delegation = {
name = "snet1delegation"
service_delegation = {
name = "Microsoft.ContainerInstance/containerGroups"
actions = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
}
}
}
}
这是我的 var 文件,我在其中为委托声明值,但在应用时仍未创建
根据您的最新评论,我创建了新子网,计划如下
Terraform 将执行以下操作:
# module.terraform.module.subnet.azurerm_subnet.snet["snet4"] will be created
+ resource "azurerm_subnet" "snet" {
+ address_prefix = (known after apply)
+ address_prefixes = [
+ "10.3.1.0/27",
]
+ enforce_private_link_endpoint_network_policies = true
+ enforce_private_link_service_network_policies = true
+ id = (known after apply)
+ name = "Practicerg2-snet2"
+ resource_group_name = "Practicerg2"
+ virtual_network_name = "Practicerg2-vnet"
}
Plan: 1 to add, 0 to change, 0 to destroy.
由于缺少某些特权,无法附加图片
【问题讨论】:
-
“当我使用现有子网为其运行计划并创建新子网时,计划会显示“无更改”,因为它无法检测到服务委托更改”您是否正在导入现有子网首先然后更改委派设置?或者您是在现有 vnet 中使用委托设置整体创建一个新子网?
-
@AnsumanBal-MT 我正在创建一个带有委托设置的新子网
-
如果回答对您有帮助,请Accept it as an Answer,以便遇到相同问题的其他人可以找到此解决方案并解决他们的问题。
标签: terraform terraform-provider-azure