Terraform虚拟湾azurerm_vpn_gateway_connection
Terraform虚拟湾azurerm_vpn_gateway_connection
提问于 2022-09-26 16:40:18
希望创建动态Azure vwan vpn站点连接。我使用这张地图来定义网站和链接。我希望能够添加和删除网站和链接,因为我的需求变化。
virtual_wan_vpn_sites = {
vwan_site_dc = {
name = "site-shr-infra-dc"
location_map_key = "primary"
resource_group_key = "rg_vwan"
vwan_key = "vwan"
device_vendor = "Fortigate"
device_model = "FGT60F"
links = {
link_1 = {
name = "link-shr-infra-dc-1"
bgp_asn = "64512"
public_ip_address = "1.1.1.1"
bgp_peering_ip = "10.10.100.1"
}
link_2 = {
name = "link-shr-infra-dc-2"
bgp_asn = "64513"
public_ip_address = "2.2.2.2"
bgp_peering_ip = "10.10.100.100"
}
}
}
}以及创建站点、链接和连接的代码。
# Create vpn site(s)
module "virtualWanVpnSites" {
source = "../../modules/networking/virtual_wan_vpn_site"
for_each = var.virtual_wan_vpn_sites
name = each.value.name
location = var.location_map[each.value.location_map_key]
resource_group_name = azurerm_resource_group.resource_group[each.value.resource_group_key].name
virtual_wan_id = module.virtualWan[each.value.vwan_key].virtual_wan_id
vwan_key = each.value.vwan_key
vwan_sites = each.value.links
device_vendor = each.value.device_vendor
device_model = each.value.device_model
vpn_gateways = values(module.virtualHubVpn)[*].virtual_hub_vpn_gateway_id
tags = merge(lookup(each.value, "tags", {}), local.tags)
../../modules/networking/virtual_wan_vpn_site
# Virtual Wan vpn site
resource "azurerm_vpn_site" "vwan_vpn_site" {
name = var.name
location = var.location
resource_group_name = var.resource_group_name
virtual_wan_id = var.virtual_wan_id
device_vendor = var.device_vendor
device_model = var.device_model
tags = local.tags
dynamic "link" {
for_each = try(var.vwan_sites, {})
content {
name = link.value.name
ip_address = link.value.public_ip_address
bgp {
asn = link.value.bgp_asn
peering_address = link.value.bgp_peering_ip
}
}
}
}
# vhub vpn gateway connection
resource "azurerm_vpn_gateway_connection" "vhub_vpn_gateway_connection" {
for_each = toset(var.vpn_gateways)
name = "example"
vpn_gateway_id = each.key
remote_vpn_site_id = azurerm_vpn_site.vwan_vpn_site.id
*dynamic "vpn_link" {
for_each = try(azurerm_vpn_site.vwan_vpn_site.link, [])
content {
name = vpn_link.value.name
vpn_site_link_id = vpn_link.value.id
bgp_enabled = true
}
}*
}成功地创建了vwan站点和链接,但是,链接连接出现了以下错误:
Error: Missing required argument
│
│ with module.virtualWanVpnSites["vwan_site_dc"].azurerm_vpn_gateway_connection.vhub_vpn_gateway_connection["/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/vpnGateways/vpn-shr-infra-usce"],
│ on ../../modules/networking/virtual_wan_vpn_site/module.tf line 25, in resource "azurerm_vpn_gateway_connection" "vhub_vpn_gateway_connection":
│ 25: resource "azurerm_vpn_gateway_connection" "vhub_vpn_gateway_connection" {
│
│ The argument "vpn_link.1.vpn_site_link_id" is required, but no definition
│ was found.
╵
╷
│ Error: Missing required argument
│
│ with module.virtualWanVpnSites["vwan_site_dc"].azurerm_vpn_gateway_connection.vhub_vpn_gateway_connection["/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/vpnGateways/vpn-shr-infra-use2"],
│ on ../../modules/networking/virtual_wan_vpn_site/module.tf line 25, in resource "azurerm_vpn_gateway_connection" "vhub_vpn_gateway_connection":
│ 25: resource "azurerm_vpn_gateway_connection" "vhub_vpn_gateway_connection" {
│
│ The argument "vpn_link.1.vpn_site_link_id" is required, but no definition
│ was found.看来,资源azurerm_vpn_gateway_connection需要这样的vpn_site_link_id:vpn_site_link_id = azurerm_vpn_site.example.link.id.
我可以在状态文件中看到如下链接:
"module": "module.virtualWanVpnSites[\"vwan_site_dc\"]",
"mode": "managed",
"type": "azurerm_vpn_site",
"name": "vwan_vpn_site",
"provider": "provider[\"registry.terraform.io/hashicorp/azurerm\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"address_cidrs": [],
"device_model": "FGT60F",
"device_vendor": "Fortigate",
"id": "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/vpnSites/site-shr-infra-dc",
"link": [
{
"bgp": [
{
"asn": 64512,
"peering_address": "10.10.100.1"
}
],
"fqdn": "",
"id": "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/vpnSites/site-shr-infra-dc/vpnSiteLinks/link-shr-infra-dc-1",
"ip_address": "1.1.1.1",
"name": "link-shr-infra-dc-1",
"provider_name": "",
"speed_in_mbps": 0
},
{
"bgp": [
{
"asn": 64513,
"peering_address": "10.10.100.100"
}
],
"fqdn": "",
"id": "/subscriptions/xxx/resourceGroups/xxx/providers/Microsoft.Network/vpnSites/site-shr-infra-dc/vpnSiteLinks/link-shr-infra-dc-2",
"ip_address": "2.2.2.2",
"name": "link-shr-infra-dc-2",
"provider_name": "",
"speed_in_mbps": 0
}
],任何想法都将不胜感激。谢谢。
回答 1
Stack Overflow用户
发布于 2022-10-04 13:14:43
请检查一下这个terraform-azurerm-虚拟-wan·GitHub
最初,检查版本是否是问题所在,并查看Terraform的2.78.0版本。
- 还请尝试设置
address_cidrs以创建地址空间
我在azurerm_vpn_site中使用了azurerm_vpn_site,在azurerm_virtual_hub中使用了address_prefix = "10.0.0.0/24“。
vpn_sites = [
{
name = "site1"
links = [
{
name = "site1-primary-endpoint"
ip_address = "20.20.20.20"
bgp = [
{
asn = 65530
peering_address = "169.254.21.2"
}
]
},
{
name = "site1-secondary-endpoint"
ip_address = "21.21.21.21"
bgp = [
{
asn = 65530
peering_address = "169.254.22.2"
}
]
}
]
}
]正如您所说的,vpn_link的格式为vpn_site_link_id = vpn_link.value[0].id
还请查看参考:Terraform for-每个都有对象列表-堆栈溢出
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/73857284
复制相关文章
相似问题
腾讯云开发者
