英文:
How can I reference Firewall Private IP address in Terraform while creating Route in Azure
问题
我正在尝试通过Terraform为Azure创建路由,并希望将防火墙的私有IP地址作为下一跳地址。但是其中的代码都没有起作用。
resource "azurerm_firewall" "Fireall-variable" {
name = "Main-Firewall"
location = azurerm_resource_group.East-rg-variable.location
resource_group_name = azurerm_resource_group.East-rg-variable.name
sku_name = "AZFW_VNet"
sku_tier = "Standard"
ip_configuration {
name = "configuration"
subnet_id = azurerm_subnet.subnet2.id
public_ip_address_id = azurerm_public_ip.Firewallip-variable.id
}
}
resource "azurerm_route_table" "westroute" {
name = "West-route-table"
location = azurerm_resource_group.East-rg-variable.location
resource_group_name = azurerm_resource_group.East-rg-variable.name
disable_bgp_route_propagation = false
route {
name = "route1"
address_prefix = "0.0.0.0/0"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = "10.0.1.4"
}
}
英文:
I am trying to create Route for Azure through Terraform and and wants to next Firewall's private IP address as next hop address. But none of the coding is working.
resource "azurerm_firewall" "Fireall-variable" {
name = "Main-Firewall"
location = azurerm_resource_group.East-rg-variable.location
resource_group_name = azurerm_resource_group.East-rg-variable.name
sku_name = "AZFW_VNet"
sku_tier = "Standard"
ip_configuration {
name = "configuration"
subnet_id = azurerm_subnet.subnet2.id
public_ip_address_id = azurerm_public_ip.Firewallip-variable.id
}
}
resource "azurerm_route_table" "westroute" {
name = "West-route-table"
location = azurerm_resource_group.East-rg-variable.location
resource_group_name = azurerm_resource_group.East-rg-variable.name
disable_bgp_route_propagation = false
route {
name = "route1"
address_prefix = "0.0.0.0/0"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = "10.0.1.4"
}
答案1
得分: 1
我在我的环境中进行了复制,并获得了如下所示的预期结果:
以下是我使用创建带有路由表的Azure防火墙的代码,并且我遵循了Document1和Document2:
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "emo-rg" {
name = "emo-resources"
location = "West Europe"
}
resource "azurerm_public_ip" "example" {
name = "testpip"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_virtual_network" "vnet" {
name = "ritwik-vnet"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
}
resource "azurerm_subnet" "subnet" {
name = "AzureFirewallSubnet"
resource_group_name = azurerm_resource_group.emo-rg.name
virtual_network_name = azurerm_virtual_network.vnet.name
address_prefixes = ["10.0.1.0/24"]
}
resource "azurerm_firewall" "firewall" {
name = "testfirewall"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
sku_name = "AZFW_VNet"
sku_tier = "Premium"
ip_configuration {
name = "configuration"
subnet_id = azurerm_subnet.subnet.id
public_ip_address_id = azurerm_public_ip.example.id
}
}
resource "azurerm_route_table" "westroute" {
name = "West-route-table"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
disable_bgp_route_propagation = false
route {
name = "route1"
address_prefix = "0.0.0.0/0"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = azurerm_firewall.firewall.ip_configuration[0].private_ip_address
}
}
输出:
执行terraform代码后创建的资源:
成功运行上述代码后,路由表将使用以下IP地址创建:
现在在防火墙中:
英文:
I have reproduced in my environment and got expected results as below:
Here is the code with which I created Azure Firewall with route table and I followed Document1 and Document2:
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "emo-rg" {
name = "emo-resources"
location = "West Europe"
}
resource "azurerm_public_ip" "example" {
name = "testpip"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_virtual_network" "vnet" {
name = "ritwik-vnet"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
}
resource "azurerm_subnet" "subnet" {
name = "AzureFirewallSubnet"
resource_group_name = azurerm_resource_group.emo-rg.name
virtual_network_name = azurerm_virtual_network.vnet.name
address_prefixes = ["10.0.1.0/24"]
}
resource "azurerm_firewall" "firewall" {
name = "testfirewall"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
sku_name = "AZFW_VNet"
sku_tier = "Premium"
ip_configuration {
name = "configuration"
subnet_id = azurerm_subnet.subnet.id
public_ip_address_id = azurerm_public_ip.example.id
}
}
resource "azurerm_route_table" "westroute" {
name = "West-route-table"
location = azurerm_resource_group.emo-rg.location
resource_group_name = azurerm_resource_group.emo-rg.name
disable_bgp_route_propagation = false
route {
name = "route1"
address_prefix = "0.0.0.0/0"
next_hop_type = "VirtualAppliance"
next_hop_in_ip_address = azurerm_firewall.firewall.ip_configuration[0].private_ip_address
}
}
Output:
Resources created after executing terraform code:
After running the above code successfully, Route table is created with the below IP Address:
Now in Firewall:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论