terraform application_security_group_ids 无效或未知密钥

Posted 2023-03-24

【中文标题】terraform application_security_group_ids 无效或未知密钥

【英文标题】：terraform application_security_group_ids invalid or unknown key

【发布时间】：2018-09-18 22:23:29

【问题描述】：

尝试让新 GA 化的 Azure 应用程序安全组通过 Terraform 工作。 https://www.terraform.io/docs/providers/azurerm/r/network_interface.html 的文档将 application_security_group_ids 显示为 NIC 的有效参数，但是在尝试 terraform plan 下面的代码时，我得到了

“错误：azurerm_network_interface.my_nic: : 无效或未知密钥：application_security_group_ids”

resource "azurerm_resource_group" "my_vnet_rg" 
  name = "my_vnet_rg"
  location = "US East 2"


resource "azurerm_virtual_network" "my_vnet" 
  name = "my_vnet"
  resource_group_name = "my_vnet_rg"
  address_space = ["10.10.0.0/16"]
  location = "US East 2"


resource "azurerm_subnet" "my_subnet" 
  name                 = "my_subnet"
  resource_group_name  = "my_vnet_rg"
  virtual_network_name = "my_vnet"
  address_prefix       = "10.10.10.0/24"
  network_security_group_id = "$azurerm_network_security_group.my_nsg.id"


resource "azurerm_network_security_group" "my_nsg" 
  name                = "my_nsg"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"


resource "azurerm_application_security_group" "my_asg" 
  name                = "my_asg"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"


resource "azurerm_network_security_rule" "my_httprule" 
  name                        = "my_httprule"
  priority                    = 100
  direction                   = "inbound"
  access                      = "Allow"
  protocol                    = "Tcp"
  source_port_range           = "*"
  destination_port_range      = "80"
  source_address_prefix       = "*"
  destination_application_security_group_ids = ["$azurerm_application_security_group.my_asg.id"]
  resource_group_name         = "my_vnet_rg"
  network_security_group_name = "my_nsg"


resource "azurerm_network_interface" "my_nic" 
  name                = "my_nic"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"
  application_security_group_ids = ["$azurerm_application_security_group.my_asg.id"]

  ip_configuration 
    name                          = "my_nicconf"
    subnet_id                     = "$azurerm_subnet.my_subnet.id"
    private_ip_address_allocation = "dynamic"
  

Terraform v0.11.6，provider.azurerm v1.3.2

这是一个错误吗？

【参考方案1】：

参数在错误的块中，需要在 ip_configuration 子块中：

resource "azurerm_network_interface" "my_nic" 
  name                = "my_nic"
  location            = "US East 2"
  resource_group_name = "my_vnet_rg"


  ip_configuration 
    name                          = "my_nicconf"
    subnet_id                     = "$azurerm_subnet.my_subnet.id"
    private_ip_address_allocation = "dynamic"
    application_security_group_ids = ["$azurerm_application_security_group.my_asg.id"]