terraform - 用于关联 Azure NSG 的 terraform 脚本的后端流程是什么

问题描述

下面给出的脚本工作正常。但问题是，当我第二次应用 Terraform 时，它会解除 NSG 与子网的关联。当我再次申请时，它会关联到子网。我的代码有什么问题吗，或者这条线实际上做了什么，也许可以解决我的问题。

network_security_group_id = 
"${element(azurerm_network_security_group.NetworkSG.*.id,count.index)}"

下面的代码是我的 main.tf：

resource "azurerm_subnet" "Subnet" {
count                     = "${length(var.Subnet_name)}"
name                      = "${var.Subnet_name[count.index]}"
virtual_network_name      = "${azurerm_virtual_network.Vnet.name}"
resource_group_name       = 
"${azurerm_resource_group.ResourceGroup.name}"
address_prefix            = 
"${element(var.Subnet_range[var.Subnet_name[count.index]], 0)}"
}
resource "azurerm_network_security_group" "NetworkSG" {
  count  =  "${length(var.Subnet_name)}"
  name                = 
"${element(var.Subnet_range[var.Subnet_name[count.index]], 1)}"
  location            = 
"${azurerm_resource_group.ResourceGroup.location}"
  resource_group_name = "${azurerm_resource_group.ResourceGroup.name}"
}
resource "azurerm_subnet_network_security_group_association" 
"NetworkSGassociation" {
count= "${length(var.Subnet_name)}"
subnet_id = "${element(azurerm_subnet.Subnet.*.id, count.index)}"
network_security_group_id = 
"${element(azurerm_network_security_group.NetworkSG.*.id,count.index)}" 
}

下面是我的 .tfvars 文件：

Subnet_name= ["SCB-Sub1","SCB-Sub2","SCB-Sub3"]
Subnet_range =
{
    SCB-Sub1= ["10.10.0.0/24","SCB-nsg1"]
    SCB-Sub2= ["10.10.1.0/24","SCB-nsg2"]
    SCB-Sub3= ["10.10.2.0/24","SCB-nsg3"]
}

这是我使用 terraform plan 时得到的输出：

azurerm_subnet.Subnet[1]: Modifying... (ID: /subscriptions/0000-...tualNetworks/SCB_vnet/subnets/SCB-Sub3) network_security_group_id: "/subscriptions/0000/resourceGroups/SCB- rg/providers/Microsoft.Network/networkSecurityGroups/SCB-nsg3" => ""

标签： terraform