Terraform OCI error when creating a network load balancer


I am trying to create a network load balancer in OCI, but I get the following error:

│ Error: 404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found.
│ Suggestion: Either the resource has been deleted or service Network Load Balancer need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm
│ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/network_load_balancer_network_load_balancer 
│ API Reference: https://docs.oracle.com/iaas/api/#/en/networkloadbalancer/20200501/NetworkLoadBalancer/CreateNetworkLoadBalancer 
│ Request Target: POST https://network-load-balancer-api.af-johannesburg-1.oci.oraclecloud.com/20200501/networkLoadBalancers 
│ Provider version: 5.31.0, released on 2024-02-29. This provider is 4 Update(s) behind to current. 
│ Service: Network Load Balancer 
│ Operation Name: CreateNetworkLoadBalancer 
│ OPC request ID: 0256511fde90f28584e79623b17f1b38/190C305D6D14F898BC9F8EEFCB93878A/4ED76C648A27CAEBD406E5EE79D813C2 
│ │ 
│   with oci_network_load_balancer_network_load_balancer.web,
│   on nlb.tf line 3, in resource "oci_network_load_balancer_network_load_balancer" "web":
│    3: resource "oci_network_load_balancer_network_load_balancer" "web" { 

If I create the NLB manually and import it into my tfstate, I now get this error:

404-NotAuthorizedOrNotFound, Authorization failed or requested resource not found.
│ Suggestion: Either the resource has been deleted or service Network Load Balancer need policy to access this resource. Policy reference: https://docs.oracle.com/en-us/iaas/Content/Identity/Reference/policyreference.htm
│ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/network_load_balancer_network_load_balancer 
│ API Reference: https://docs.oracle.com/iaas/api/#/en/networkloadbalancer/20200501/NetworkLoadBalancer/CreateNetworkLoadBalancer 
│ Request Target: POST https://network-load-balancer-api.af-johannesburg-1.oci.oraclecloud.com/20200501/networkLoadBalancers 
│ Provider version: 5.31.0, released on 2024-02-29. This provider is 4 Update(s) behind to current. 
│ Service: Network Load Balancer 
│ Operation Name: CreateNetworkLoadBalancer 
│ OPC request ID: 393f50d1bc243450e5d99f5d35b2633a/6BE524CE75B807B16CE03B3CCC3EFF51/F18A5909F19EBA97E64AACB30AECFE36 

Below is the code for my NLB:

# Create a network load balancer for web servers
resource "oci_network_load_balancer_network_load_balancer" "web" {
  compartment_id                 = "ocid1.compartment.oc1xxxx"
  display_name                   = "web"
  subnet_id                      = oci_core_subnet.web_public_01.id
  freeform_tags                  = local.tags.defaults
  is_preserve_source_destination = true
  is_private                     = false
  network_security_group_ids = [
    oci_core_network_security_group_security_rule.web.id
  ]
}

# NSG Backend Sets
resource "oci_network_load_balancer_backend_set" "web" {

  name                     = "web-backend-sets"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.web.id
  policy                   = "FIVE_TUPLE"


  health_checker {

    protocol = "HTTP"

    #Optional
    interval_in_millis = 10000
    port               = 80
    # request_data        = var.backend_set_health_checker_request_data
    # response_body_regex = var.backend_set_health_checker_response_body_regex
    # response_data       = var.backend_set_health_checker_response_data
    # retries             = var.backend_set_health_checker_retries
    # return_code         = var.backend_set_health_checker_return_code
    # timeout_in_millis   = var.backend_set_health_checker_timeout_in_millis
    url_path = "/"
  }

  #Optional
  # ip_version = var.backend_set_ip_version
  # is_preserve_source = var.backend_set_is_preserve_source
}

# NSG Backends
resource "oci_network_load_balancer_backend" "web_01" {
  backend_set_name         = oci_network_load_balancer_backend_set.web.name
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.web.id
  port                     = 80

  is_backup  = false
  is_drain   = false
  is_offline = false
  # name       = oci_core_instance.web_01.display_name
  target_id = oci_core_instance.web_01.id
  weight    = 1
}

resource "oci_network_load_balancer_backend" "web_02" {
  backend_set_name         = oci_network_load_balancer_backend_set.web.name
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.web.id
  port                     = 80

  is_backup  = false
  is_drain   = false
  is_offline = false
  # name       = oci_core_instance.web_02.display_name
  target_id = oci_core_instance.web_02.id
  weight    = 1
}

# NSG Listeners
resource "oci_network_load_balancer_listener" "web" {
  #Required
  default_backend_set_name = oci_network_load_balancer_backend_set.web.name
  name                     = "web-listeners"
  network_load_balancer_id = oci_network_load_balancer_network_load_balancer.web.id
  port                     = 80
  protocol                 = "TCP_AND_UDP"
}

Am I missing a policy or something else that would let me create the NLB resource?

terraform oracle-cloud-infrastructure terraform-provider-oci network-load-balancer
1 Answer

This looks like an authorization issue; make sure the account Terraform uses has sufficient permissions to create an NLB.

  • Check whether the user account belongs to the Administrators group.
  • If it does not, you may need to add this policy, LOAD_BALANCER_CREATE, to your account.

Reference: https://docs.oracle.com/en-us/iaas/Content/Identity/policyreference/lbpolicyreference.htm#Details_for_Load_Balancing
