【发布时间】:2020-09-21 21:42:23
【问题描述】:
下面的代码应该创建一个 cosmosdb、网络接口 (NIC) 和私有端点 (PE)。
当运行下面的 terraform 代码时,它会自动生成第二个具有动态 ip、无标签和通用名称(如“pe.nic.9xxxxxb-85d7-4756-8b78-dxxxxxxx”)的 NIC。
最好我想使用通过 terraform 代码创建的 NIC,而不是自动生成的,以便能够控制标签、命名以及可能的静态 ip。
用于 PE 的 Terraform 文档:https://www.terraform.io/docs/providers/azurerm/r/private_endpoint.html
来自 Github 的类似实现,未指定 NIC:https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/examples/private-endpoint/cosmos-db/main.tf
我怎样才能做到这一点?
resource "azurerm_cosmosdb_account" "cosmosDb" {
name = "MyCosmosDB"
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
offer_type = "Standard"
consistency_policy {
consistency_level= "Session"
max_interval_in_seconds= 5
max_staleness_prefix= 100
}
geo_location {
failover_priority= 0
location= data.azurerm_resource_group.rg.location
}
tags = local.tags
}
resource "azurerm_network_interface" "nic" {
name = "example-nic"
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
ip_configuration {
name = "nic-ip-config"
subnet_id = data.azurerm_subnet.subnet_vm.id
private_ip_address_allocation = "Static"
private_ip_address = var.ip
}
tags = local.tags
}
resource "azurerm_private_endpoint" "pe" {
name = "example-pe"
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
subnet_id = data.azurerm_subnet.subnet_vm.id
private_service_connection {
is_manual_connection = true
name = "example-psc"
private_connection_resource_id = azurerm_cosmosdb_account.cosmosDb.id
subresource_names = ["sql"]
request_message = "-"
}
}
【问题讨论】:
-
自动创建的 Nic 没有锁(创建的其他资源相同),但我在文档中发现它无法更改(通过 PS 和 Azure 门户确认) .
标签: terraform