带有Azure CLI的Terraform-建立错误帐户 [英] Terraform with azure CLI - error building account

问题描述

使用提供者块

provider "azurerm" {
  subscription_id = var.subscription_id
  version         = "=1.44"
}

并成功登录后

az login

运行

terraform plan

我收到以下错误:

Error: Error building account: Error getting authenticated object ID: Error parsing json result from the Azure CLI: Error waiting for the Azure CLI: exit status 2

on main.tf line 21, in provider "azurerm":
21: provider "azurerm" {

更新:

如果我将提供程序块更改为:

If I change the provider block to:

provider "azurerm" {
 version = "~> 1.43"
}

并设置环境变量

ARM_USE_MSI=true
ARM_SUBSCRIPTION_ID=<...>
ARM_TENANT_ID=<...>
HTTP_PROXY=<...>
HTTPS_PROXY=<...>
http_proxy=<...>
https_proxy=<...>

比执行Terraform计划后发生以下错误:

than after executing terraform plan I get the following error:

与169.254.169.254的连接失败.无法托管.

在我看来，很奇怪，服务端点IP被硬编码"到了terraform客户端中.

which is very strange, as it seems to me, that a service endpoints IP is "hardcoded" into the terraform client.

推荐答案

删除变量

ARM_USE_MSI = true

ARM_USE_MSI=true

解决了我的问题.

此变量告诉terraform使用托管服务标识.请参阅 docs .问题是，从那点开始使用的Azure实例元数据服务终结点(可在上述IP上使用)只能从VM内访问，而我正在从桌面运行terraform.

This variable tells terraform to use Managed Service Identity. See the docs. The problem was, that the Azure Instance Metadata service endpoint(available on the above mentioned IP), that is used from that point, is only accessible from within a VM, and I was running the terraform from my desktop.

这篇关于带有Azure CLI的Terraform-建立错误帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！