所以我试图将Terraform连接到Azure Gov,但代码中的环境似乎没有被读取。或者我离这还差得很远,任何帮助都将不胜感激。
这是代码,非常基本,只是试图让它连接并在状态文件中存储一些东西。
terraform {
backend "azurerm" {
#resource_group_name = "terraform-test"
storage_account_name = "terraformstate01"
container_name = "tstate01"
key = "terraform.tfstate"
access_key = "ACCESS_KEY_GOES_HERE"
}
}
# Configure the Azure provider
provider "azurerm" {
# The "feature" block is required for AzureRM provider 2.x.
# If you are using version 1.x, the "features" block is not allowed.
version = "2.76.0"
environment = "usgovernment"
features {}
}
resource "azurerm_resource_group" "state-demo-secure" {
name = "state-demo"
location = "usgovvirginia"
}
这里还附带了我在运行Terraforminit时遇到的错误。
Initializing the backend...
╷
│ Error: Failed to get existing workspaces: containers.Client#ListBlobs: Failure responding to request: StatusCode=403 -- Original Error: autorest/azure: Service returned an error. Status=403 Code="AuthenticationFailed" Message="Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature.nRequestId:c5022f4e-c01e-0002-51f4-74a3d7000000nTime:2021-07-09T18:55:41.1228617Z"```
正如Ken W MSFT在评论部分所提到的,在调用.tf文件之前需要设置云环境,而不是在azurerm提供程序中调用它。
如果它是公共的,则不需要这样做,但当您尝试使用专用的独占云时,在该云中工作之前,您需要使用azure CLI或azure powershell根据需要设置环境。
用于CLI的命令:
$ az cloud set --name AzureChinaCloud|AzureGermanCloud|AzureUSGovernment
Powershell命令:
Connect-AzAccount -EnvironmentName AzureChinaCloud|AzureGermanCloud|AzureUSGovernment
参考:
Azure提供商:通过Azure CLI|Guides|hashicorp/azurerm|Terraform Registry 进行身份验证