我正在学习Terraform,并负责在Azure中设置中心和分支网络。我正在尝试为该任务配置网络管理器,其中一个要求是使用使用静态成员的网络组。
在为SPoke设置VNet时,我之前处理的代码使用了for each语句。网络组也使用了for each语句。
我选择手动设置Vnet和Subnet,但现在我不确定如何将两个辐条添加到同一组。
当从微软看基本模板时,我不知道如何将两者添加到同一个网络组。由于两个VNet都是唯一的,我认为我不能对每个语句都使用a(但在这一点上我可能完全错了。
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Network/networkManagers/networkGroups/staticMembers@2022-07-01"
name = "string"
parent_id = "string"
body = jsonencode({
properties = {
resourceId = "string"
}
})
}在上面的模板中,我想使用多个资源ID,但我不确定这是否可行。有人能提出解决这个问题的最佳方法吗?
- 旧代码**
resource "azurerm_virtual_network" "spokes" {
for_each = local.spoke_subnets
name = each.key
resource_group_name = azurerm_resource_group.test.name
location = azurerm_resource_group.test.location
address_space = each.value.address_space
}
resource "azapi_resource" "network_manager" {
type = "Microsoft.Network/networkManagers@2022-07-01"
name = "networkmanager"
parent_id = azurerm_resource_group.test.id
location = azurerm_resource_group.test.location
body = jsonencode({
properties = {
networkManagerScopeAccesses = [
"Connectivity",
"SecurityAdmin"
]
networkManagerScopes = {
subscriptions = [
data.azurerm_subscription.current.id
]
}
}
})
}
resource "azapi_resource" "spoke_group" {
type = "Microsoft.Network/networkManagers/networkGroups@2022-07-01"
name = "spokes"
parent_id = azapi_resource.network_manager.id
body = jsonencode({
properties = {
memberType = "VirtualNetwork"
}
})
}
resource "azapi_resource" "spoke_group_members" {
type = "Microsoft.Network/networkManagers/networkGroups/staticMembers@2022-07-01"
for_each = azurerm_virtual_network.spokes
name = each.value.name
parent_id = azapi_resource.spoke_group.id
body = jsonencode({
properties = {
resourceId = each.value.id
}
})
}- 新编码**
resource "azurerm_virtual_network" "vm-spoke-vnet" {
name = "ty-vm-spoke-vnet"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
address_space = ["10.1.0.0/16"]
tags = {
environment = "hub-spoke"
}
}
#VNet for AKS Spoke - Not sure if correct
resource "azurerm_virtual_network" "aks-spoke-vnet" {
name = "ty-aks-spoke-vnet"
location = azurerm_resource_group.test.location
resource_group_name = azurerm_resource_group.test.name
address_space = ["10.2.0.0/16"]
tags = {
environment = "hub-spoke"
}
}
#Subnet for VMs
resource "azurerm_subnet" "vm-spoke-subnet" {
name = "ty-vm-subnet"
resource_group_name = azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.vm-spoke-vnet.name
address_prefixes = ["10.1.0.64/27"]
}
#Subnet for AKS - Not sure if correct
resource "azurerm_subnet" "aks-spoke-subnet" {
name = "ty-aks-subnet"
resource_group_name = azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.aks-spoke-vnet.name
address_prefixes = ["10.2.0.64/27"]
}
resource "azapi_resource" "network_manager" {
type = "Microsoft.Network/networkManagers@2022-07-01"
name = "networkmanager"
parent_id = azurerm_resource_group.test.id
location = azurerm_resource_group.test.location
body = jsonencode({
properties = {
networkManagerScopeAccesses = [
"Connectivity",
"SecurityAdmin"
]
networkManagerScopes = {
subscriptions = [
data.azurerm_subscription.current.id
]
}
}
})
}
#Group for all of the Spoke Networks
resource "azapi_resource" "spoke_group" {
type = "Microsoft.Network/networkManagers/networkGroups@2022-07-01"
name = "spokes"
parent_id = azapi_resource.network_manager.id
body = jsonencode({
properties = {
memberType = "VirtualNetwork"
}
})
}
resource "azapi_resource" "spoke_group_members" {
type = "Microsoft.Network/networkManagers/networkGroups/staticMembers@2022-07-01"
for_each = azurerm_virtual_network.spokes
name = each.value.name
parent_id = azapi_resource.spoke_group.id
body = jsonencode({
properties = {
resourceId = each.value.id
}
})
}
1条答案
按热度按时间6psbrbz91#
检查提供的以下代码:
这里,资源“azurerm_virtual_network”“spoke”正在创建两个虚拟网络,spoke1和spoke2。
这意味着需要将两个不同的网络组添加到分支组本身。
因此,可以使用具有组合vnet的局部变量来添加更多的组成员: