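I'm having problems deploying this with Terraform. I'm new to this, but I managed to get this far, haha. My terraform init runs without problems, but I can't get past the error below. I have coded the environment variables as shown below. I understand that my Terraform version is old, but the application documentation I'm referencing recommends this version. I see the error is in ADAL, which has been replaced by MSAL, but is there a way to get around this? Any recommendations? Thanks!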
export ARM_SUBSCRIPTION_ID="xxxxxx"
export ARM_TENANT_ID="xxxxxx"
export ARM_CLIENT_ID="xxxxxx",
export ARM_CLIENT_SECRET="xxxxxxx",
$ terraform version
Terraform v0.11.11
+ provider.azurerm v1.44.0
+ provider.local v1.4.0
+ provider.null v2.1.2
+ provider.template v2.2.0
+ provider.tls v2.2.0
{
  "azure-cli": "2.59.0",
  "azure-cli-core": "2.59.0",
  "azure-cli-telemetry": "1.1.0",
  "extensions": {
    "ml": "2.24.0"
  }
}
provider.azurerm: Error building account: Error getting authenticated object ID: Error listing Service Principals: autorest.DetailedError{Original:adal.tokenRefreshError{message:"adal: Refresh request failed. Status Code = '400'. Response body: {\"error\":\"unauthorized_client\",\"error_description\":\"AADSTS700016: Application with identifier 'xxxxxxxxxxxxx-xxxxxxxxxxx,' was not found in the directory 'Contoso'. "error_codes\":[700016],\"timestamp\":\"2024-04-24 05:36:25Z\",\"trace_id\":\"xxxxxxxxxxxxx-xxxxxxxxxxx\",\"correlation_id\":\"xxxxxxxxxxxxx-xxxxxxxxxxxxx\",\"error_uri\":\"https://login.microsoftonline.com/error?code=700016\"}", resp:(*http.Response)(0xc000a8e090)}, PackageType:"azure.BearerAuthorizer", Method:"WithAuthorization", StatusCode:400, Message:"Failed to refresh the Token for request to https://graph.windows.net/xxxxxxxxxxxx-xxxxxxxxxxxxxx/servicePrincipals?%24filter=appId+eq+xxxxxxxxxxxxxxxxpi-version=1.6", ServiceError:[]uint8(nil), Response:(*http.Response)(0xc000a8e090)}
To be able to run terraform plan without errors.
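Thanks to Mark for suggesting the latest version of Terraform.
To resolve this issue, you may need to install the latest version of Terraform from here, i.e. version 1.8.2.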
Powershell
> $env:ARM_CLIENT_ID = "00000000-0000-0000-0000-000000000000"
> $env:ARM_CLIENT_SECRET = "12345678-0000-0000-0000-000000000000"
> $env:ARM_TENANT_ID = "10000000-0000-0000-0000-000000000000"
> $env:ARM_SUBSCRIPTION_ID = "20000000-0000-0000-0000-000000000000"
Make sure to use the latest version of the azurerm provider.
terraform {
  required_providers {
    azurerm = {
      source  = "hashicorp/azurerm"
      version = "=3.0.0"
    }
  }
}

provider "azurerm" {
  features {}
}
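
An added example, not part of the question or the answer above: the application identifier quoted in the AADSTS700016 message ends in a comma, and so do the ARM_CLIENT_ID and ARM_CLIENT_SECRET export lines in the question; in a POSIX shell a comma after the closing quote becomes part of the value. This sh check looks for such stray characters in the four ARM_* variables before Terraform runs; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for the azurerm service-principal variables.
# Function names are hypothetical. Only variable names are printed, never
# values, so the client secret stays out of terminals and CI logs.

GUID_RE='^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'

# is_guid VALUE: succeeds only if VALUE is exactly one bare GUID.
is_guid() {
    case $1 in
        *[!0-9a-fA-F-]*) return 1 ;;  # comma, quote, space, newline, ...
    esac
    printf '%s\n' "$1" | grep -Eq "$GUID_RE"
}

# has_stray_edge VALUE: succeeds if VALUE begins or ends with a comma,
# a quote or whitespace (heuristic; a secret has no fixed format).
has_stray_edge() {
    case $1 in
        ,*|*,|\"*|*\"|\'*|*\'|[[:space:]]*|*[[:space:]]) return 0 ;;
    esac
    return 1
}

# check_arm_env: returns 0 when all four variables pass, 1 otherwise.
check_arm_env() {
    rc=0
    for name in ARM_SUBSCRIPTION_ID ARM_TENANT_ID ARM_CLIENT_ID; do
        eval "val=\${$name-}"         # safe: names are the constants above
        if ! is_guid "$val"; then
            echo "$name: unset or not a bare GUID (stray comma/quote?)" >&2
            rc=1
        fi
    done
    val=${ARM_CLIENT_SECRET-}
    if [ -z "$val" ] || has_stray_edge "$val"; then
        echo "ARM_CLIENT_SECRET: empty or has a stray leading/trailing character" >&2
        rc=1
    fi
    return "$rc"
}
```

Source the file and run check_arm_env && terraform plan so that a malformed value is caught locally instead of surfacing as a token error from Azure AD.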