azure - 在 azurerm_app_service.ip_restriction 中的 terraform azurerm_app_service.outbound_ip_addresses 中使用

问题描述

我有两个 azurerm_app_service。首先

resource "azurerm_app_service" "first" {
  name = "${local.webAppFirstCloudName}"
  location = "${azurerm_resource_group.rg.location}"

  resource_group_name = "${azurerm_resource_group.rg.name}"
  app_service_plan_id = "${azurerm_app_service_plan.plan.id}"
  ...

上面的网络应用程序可以通过公共 IP 访问互联网。

第二个也可以通过互联网使用公共 IP 访问。但是这里我想设置第一个webapp的ip地址。所以第二个只能通过第一个 webapp 访问。

这是描述：

resource "azurerm_app_service" "second" {
  name = "${local.webAppSecondCloudName}"
  location = "${azurerm_resource_group.rg.location}"

  resource_group_name = "${azurerm_resource_group.rg.name}"
  app_service_plan_id = "${azurerm_app_service_plan.plan.id}"

  tags = {
    ApplicationName = "${var.applicationName}"
    BU-CostCenter = "${var.buCostCenter}"
    CostCenter = "${var.costCenter}"
    ProjectNumber = "${var.projectNumber}"
    Requester = "${var.requester}"
    Environment = "${var.environment}"
    Owner = "${var.owner}"
  }

  site_config {
    scm_type = "LocalGit"
    linux_fx_version = "JAVA|8-jre8"

    ip_restriction = "${split(",", azurerm_app_service.webAppLsgCloud.outbound_ip_addresses)}"

  }

  app_settings = {
    JAVA_OPTS = "-Xmx2G -Dspring.profiles.active=${var.stage} -Djava.net.preferIPOv4Stack=true -Dserver.port=80 -Dazure.cosmosdb.key=${azurerm_cosmosdb_account.db.primary_master_key} -Dazure.cosmosdb.uri=${azurerm_cosmosdb_account.db.endpoint} -Dazure.storage.account-name=${azurerm_storage_account.storage.name} -Dazure.storage.account-key=${azurerm_storage_account.storage.primary_access_key}"
    WEBSITE_HTTPLOGGING_RETENTION_DAYS = "7"
  }
}

进入后

PS C:\workspaces\intellij\terraform> terraform plan -var-file="cloud.dev.tfvars" -out=execution-plan
Acquiring state lock. This may take a few moments...

Error: azurerm_app_service.second: site_config.0.ip_restriction: should be a list

有人知道如何将列表转换为适当的限制格式吗？

标签： azureterraform