目标:尝试在Azure 上使用terraform创建vpn网关
我尝试过的:
resource "azurerm_virtual_network_gateway" "vpn-gw" {
name = "vng-orpcb-hub-${var.env}-we"
location = azurerm_resource_group.rg[0].location
resource_group_name = azurerm_resource_group.rg[0].name
type = "Vpn"
vpn_type = "RouteBased"
active_active = true
enable_bgp = false
sku = "VpnGw1AZ"
ip_configuration {
name = "vnetGatewayConfig"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip.id
private_ip_address_allocation = "Dynamic"
subnet_id = data.azurerm_subnet.gatewaysubnetdata.id
}
ip_configuration {
name = "vnetGatewayConfig1"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-secondary.id
private_ip_address_allocation = "Dynamic"
subnet_id = data.azurerm_subnet.gatewaysubnetdata.id
}
ip_configuration {
name = "vnetGatewayConfig2"
public_ip_address_id = azurerm_public_ip.vpn-gateway-ip-vpn.id
private_ip_address_allocation = "Dynamic"
subnet_id = data.azurerm_subnet.gatewaysubnetdata.id
}
dynamic "vpn_client_configuration" {
for_each = tomap({ for k, v in var.audience : k => v })
content {
address_space = ["10.100.0.0/24"]
vpn_auth_types = ["AAD"]
aad_tenant = "https://login.microsoftonline.com/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
aad_audience = vpn_client_configuration.value
aad_issuer = "https://sts.windows.net/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/"
}
}
}
我的变量.tf:
variable "audience" {
description = "respective environments"
type = any
default = {
dev = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
stg = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
prod = "41b23e61-6c1e-4545-b367-cd054e0ed4b4"
}
}
我得到的错误是:
Error: Too many vpn_client_configuration blocks
│
│ on main.tf line 933, in resource "azurerm_virtual_network_gateway" "vpn-gw":
│ 933: content {
│
│ No more than 1 "vpn_client_configuration" blocks are allowed
我不确定我在哪里给出多客户端配置这里
我正试图根据我传递的环境代码,即dev、stg、prod等,从变量映射中传递受众值
请提出建议。
我已经解决了它。删除了for_each和只是audience = var.audience[var.env]谢谢你的建议。