英文:
How can I reference Firewall Private IP address in Terraform while creating Route in Azure
问题
我正在尝试通过Terraform为Azure创建路由,并希望将防火墙的私有IP地址作为下一跳地址。但是其中的代码都没有起作用。
resource "azurerm_firewall" "Fireall-variable" {name = "Main-Firewall"location = azurerm_resource_group.East-rg-variable.locationresource_group_name = azurerm_resource_group.East-rg-variable.namesku_name = "AZFW_VNet"sku_tier = "Standard"ip_configuration {name = "configuration"subnet_id = azurerm_subnet.subnet2.idpublic_ip_address_id = azurerm_public_ip.Firewallip-variable.id}}
resource "azurerm_route_table" "westroute" {name = "West-route-table"location = azurerm_resource_group.East-rg-variable.locationresource_group_name = azurerm_resource_group.East-rg-variable.namedisable_bgp_route_propagation = falseroute {name = "route1"address_prefix = "0.0.0.0/0"next_hop_type = "VirtualAppliance"next_hop_in_ip_address = "10.0.1.4"}}
英文:
I am trying to create Route for Azure through Terraform and and wants to next Firewall's private IP address as next hop address. But none of the coding is working.
resource "azurerm_firewall" "Fireall-variable" {name = "Main-Firewall"location = azurerm_resource_group.East-rg-variable.locationresource_group_name = azurerm_resource_group.East-rg-variable.namesku_name = "AZFW_VNet"sku_tier = "Standard"ip_configuration {name = "configuration"subnet_id = azurerm_subnet.subnet2.idpublic_ip_address_id = azurerm_public_ip.Firewallip-variable.id}}
resource "azurerm_route_table" "westroute" {name = "West-route-table"location = azurerm_resource_group.East-rg-variable.locationresource_group_name = azurerm_resource_group.East-rg-variable.namedisable_bgp_route_propagation = falseroute {name = "route1"address_prefix = "0.0.0.0/0"next_hop_type = "VirtualAppliance"next_hop_in_ip_address = "10.0.1.4"}
答案1
得分: 1
我在我的环境中进行了复制,并获得了如下所示的预期结果:
以下是我使用创建带有路由表的Azure防火墙的代码,并且我遵循了Document1和Document2:
provider "azurerm" {features {}}resource "azurerm_resource_group" "emo-rg" {name = "emo-resources"location = "West Europe"}resource "azurerm_public_ip" "example" {name = "testpip"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.nameallocation_method = "Static"sku = "Standard"}resource "azurerm_virtual_network" "vnet" {name = "ritwik-vnet"address_space = ["10.0.0.0/16"]location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.name}resource "azurerm_subnet" "subnet" {name = "AzureFirewallSubnet"resource_group_name = azurerm_resource_group.emo-rg.namevirtual_network_name = azurerm_virtual_network.vnet.nameaddress_prefixes = ["10.0.1.0/24"]}resource "azurerm_firewall" "firewall" {name = "testfirewall"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.namesku_name = "AZFW_VNet"sku_tier = "Premium"ip_configuration {name = "configuration"subnet_id = azurerm_subnet.subnet.idpublic_ip_address_id = azurerm_public_ip.example.id}}resource "azurerm_route_table" "westroute" {name = "West-route-table"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.namedisable_bgp_route_propagation = falseroute {name = "route1"address_prefix = "0.0.0.0/0"next_hop_type = "VirtualAppliance"next_hop_in_ip_address = azurerm_firewall.firewall.ip_configuration[0].private_ip_address}}
输出:
执行terraform代码后创建的资源:
成功运行上述代码后,路由表将使用以下IP地址创建:
现在在防火墙中:
英文:
I have reproduced in my environment and got expected results as below:
Here is the code with which I created Azure Firewall with route table and I followed Document1 and Document2:
provider "azurerm" {features {}}resource "azurerm_resource_group" "emo-rg" {name = "emo-resources"location = "West Europe"}resource "azurerm_public_ip" "example" {name = "testpip"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.nameallocation_method = "Static"sku = "Standard"}resource "azurerm_virtual_network" "vnet" {name = "ritwik-vnet"address_space = ["10.0.0.0/16"]location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.name}resource "azurerm_subnet" "subnet" {name = "AzureFirewallSubnet"resource_group_name = azurerm_resource_group.emo-rg.namevirtual_network_name = azurerm_virtual_network.vnet.nameaddress_prefixes = ["10.0.1.0/24"]}resource "azurerm_firewall" "firewall" {name = "testfirewall"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.namesku_name = "AZFW_VNet"sku_tier = "Premium"ip_configuration {name = "configuration"subnet_id = azurerm_subnet.subnet.idpublic_ip_address_id = azurerm_public_ip.example.id}}resource "azurerm_route_table" "westroute" {name = "West-route-table"location = azurerm_resource_group.emo-rg.locationresource_group_name = azurerm_resource_group.emo-rg.namedisable_bgp_route_propagation = falseroute {name = "route1"address_prefix = "0.0.0.0/0"next_hop_type = "VirtualAppliance"next_hop_in_ip_address = azurerm_firewall.firewall.ip_configuration[0].private_ip_address}}
Output:
Resources created after executing terraform code:
After running the above code successfully, Route table is created with the below IP Address:
Now in Firewall:
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论