Azure Terraform module RBAC assignment

dtcbnfnu  posted on 2023-05-18 in Other

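This may be a silly mistake, but I am not seeing it, so I am asking for help and clarification. I can't seem to call my values from my outputs.tf. My RBAC has two "dependencies", one from my azurerm folder and one from my azuread folder. I am basically trying to grant Azure RBAC to an Azure security group.
With the following structure: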

IaC/
├─ deployments/
├─ modules/
│  ├─ aws/
│  ├─ azuread/
│  │  ├─ security-groups/
│  │  │  ├─ cns/
│  │  │  │  ├─ main.tf
│  │  │  │  ├─ outputs.tf
│  │  │  │  ├─ variables.tf
│  ├─ azurerm/
│  │  ├─ akv/
│  │  │  ├─ main.tf
│  │  │  ├─ outputs.tf
│  │  │  ├─ variables.tf
│  │  ├─ rbac/
│  │  │  ├─ rbac-rg-operator/
│  │  │  │  ├─ main.tf
│  │  │  │  ├─ outputs.tf
│  │  │  │  ├─ variables.tf
│  │  ├─ rg/
│  │  │  ├─ main.tf
│  │  │  ├─ outputs.tf
│  │  │  ├─ variables.tf
├─ project-templates/
│  ├─ azure/
│  │  ├─ project-template-solution-1/
│  │  │  ├─ akv.tf
│  │  │  ├─ main.tf
│  │  │  ├─ rg.tf
│  │  │  ├─ rbac-rg-operator.tf
│  │  │  ├─ sg-cns.tf
│  │  │  ├─ variables.tf
│  │  │  ├─ terragrunt.hcl
├─ terragrunt.hcl

I am receiving the following error message when running terragrunt plan.

Here are the configuration files I am focusing on:
IaC/modules/azuread/security-groups/cns/
main.tf

terraform {
  
  required_providers {
    azuread = {
      source  = "hashicorp/azuread"
      version = "2.31.0"
    }
  }
}
provider "azuread" {
  tenant_id = var.azure_tenant_id
}

data "azuread_client_config" "current" {}

#create azure active directory group cns
resource "azuread_group" "azure_sg_cns" {
  display_name     = var.azure_sg_cns
  owners           = [data.azuread_client_config.current.object_id]
  security_enabled = true
}

outputs.tf

output "azure_sg_cns_object_id_out" {
    value = azuread_group.azure_sg_cns.object_id
}

variables.tf

variable "azure_sg_cns" {
  type        = string
  description = "Azure AD Security Group Name CNS"
}

variable "azure_tenant_id" {
  type        = string
  description = "Azure Tenant Id"
}

IaC/modules/azurerm/rbac/rbac-rg-operator/
main.tf

terraform {
  
  required_providers {
    azurerm = {
      source = "hashicorp/azurerm"
      version = "3.42.0"
    }
    azuread = {
      source  = "hashicorp/azuread"
      version = "2.31.0"
    }
  }
}

resource "azurerm_role_assignment" "rbac-rg-operator" {
  scope                = var.azure_rg_name
  role_definition_name = "RG Operator"
  principal_id         = var.azure_sg_cns.object_id
}

variables.tf

variable "azure_sg_cns" {
  type        = string
  description = "Azure AD Security Group Name CNS"
}

variable "azure_rg_name" {
  type        = string
  description = "Azure Resource Group Name"
}

variable "azure_tenant_id" {
  type        = string
  description = "Azure Tenant Id"
}

IaC/modules/project-templates/azure/project-template-solution-1/
rbac-rg-operator.tf

module "rbac-rg-operator" {
    source                          ="../../..//modules/azurerm/rbac/rbac-rg-operator/"
    azure_sg_cns                    = module.azure_sg_cns.azure_sg_cns_object_id_out
    azure_rg_name                   = module.rg.rg_id_out
    azure_tenant_id                 = var.azure_tenant_id
    
}

insrf1ej1#

Changed the following to make it work:
rbac-rg-operator.tf

module "rbac-rg-operator" {
    source                          ="../../..//modules/azurerm/rbac/rbac-rg-operator/"
    azure_sg_cns                    = module.azure_sg_cns.azure_sg_cns_object_id_out
    azure_rg_name                   = module.rg.rg_id_out
    azure_tenant_id                 = var.azure_tenant_id
    
}

module "rbac-rg-operator" {
    source                          ="../../..//modules/azurerm/rbac/rbac-rg-operator/"
    azure_sg_cns                    = module.sg-cns.azure_sg_cns_object_id_out
    azure_rg_name                   = module.rg.rg_id_out
    azure_tenant_id                 = var.azure_tenant_id
    
}

Line 3: azure_sg_cns = module.azure_sg_cns.azure_sg_cns_object_id_out becomes azure_sg_cns = module.sg-cns.azure_sg_cns_object_id_out
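
The mismatch the answer fixes is a `module.<label>` reference whose label has no `module "<label>"` block in the same directory; a small check can flag it before `terragrunt plan` runs. This is an added example, not code from the original post: the `sg-cns.tf` and `rg.tf` contents (including their source paths) and the function names are assumptions.

```python
import re

# Terraform labels may contain letters, digits, underscores and hyphens.
IDENT = r"[A-Za-z_][A-Za-z0-9_-]*"
DECL_RE = re.compile(r'^\s*module\s+"(' + IDENT + r')"\s*\{', re.MULTILINE)
REF_RE = re.compile(r"(?<![\w.-])module\.(" + IDENT + r")\.(" + IDENT + r")")


def undeclared_module_refs(files):
    """files maps filename -> HCL text for ONE directory (one calling module).

    Returns sorted (filename, line, label, output) tuples for each
    module.<label>.<output> whose <label> has no module "<label>" block.
    """
    declared = set()
    for text in files.values():
        declared.update(DECL_RE.findall(text))
    findings = []
    for name, text in files.items():
        for line_no, line in enumerate(text.splitlines(), start=1):
            if line.lstrip().startswith(("#", "//")):
                continue  # whole-line comment
            for label, output in REF_RE.findall(line):
                if label not in declared:
                    findings.append((name, line_no, label, output))
    return sorted(findings)


# Constructed sample: sg-cns.tf and rg.tf bodies are assumed, not from the page.
SG_CNS_TF = 'module "sg-cns" {\n  source = "../../..//modules/azuread/security-groups/cns/"\n}\n'
RG_TF = 'module "rg" {\n  source = "../../..//modules/azurerm/rg/"\n}\n'
RBAC_TF = """module "rbac-rg-operator" {
    source          = "../../..//modules/azurerm/rbac/rbac-rg-operator/"
    azure_sg_cns    = module.%s.azure_sg_cns_object_id_out
    azure_rg_name   = module.rg.rg_id_out
    azure_tenant_id = var.azure_tenant_id
}
"""


def check(label):
    files = {"sg-cns.tf": SG_CNS_TF, "rg.tf": RG_TF,
             "rbac-rg-operator.tf": RBAC_TF % label}
    return undeclared_module_refs(files)


if __name__ == "__main__":
    print(check("azure_sg_cns"))  # reference from the question
    print(check("sg-cns"))        # reference from the answer
```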
