I'm trying to create an instance of Application Gateway. While doing so, I get the following error:
Error: creating Application Gateway: (Name "name-gateway-wgrkecswbk" / Resource Group "name03n62mct"): network.ApplicationGatewaysClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="InvalidResourceName" Message="Resource name is invalid. The name can be up to 80 characters long. It must begin with a word character, and it must end with a word character or with '_'. The name may contain word characters or '.', '-', '_'." Details=[]
The name used is name-gateway-wgrkecswbk, which looks to be a valid name according to the error description.
The location used is
with module.name.module.gateway[0].azurerm_application_gateway.res,
on .terraform/modules/name/modules/gateway/main.tf line 20, in resource "azurerm_application_gateway" "name":
20: resource "azurerm_application_gateway" "name" {
Tried removing dashes and making it shorter, with the same results.
The unicode character [i.e., space] on the gateway name may cause a problem. I have repeated the procedure using the same application gateway name, "name-gateway-wgrkecswbk."
Below code reference from HashiCorp
main tf as follows:
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "example" {
name = "**********"
location = "West Europe"
}
resource "azurerm_virtual_network" "example" {
name = "examples-network"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
address_space = ["10.254.0.0/16"]
}
resource "azurerm_subnet" "frontend" {
name = "frontend"
resource_group_name = azurerm_resource_group.example.name
virtual_network_name = azurerm_virtual_network.example.name
address_prefixes = ["10.254.0.0/24"]
}
resource "azurerm_subnet" "backend" {
name = "backend"
resource_group_name = azurerm_resource_group.example.name
virtual_network_name = azurerm_virtual_network.example.name
address_prefixes = ["10.254.2.0/24"]
}
resource "azurerm_public_ip" "example" {
name = "examples-pip"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
allocation_method = "Dynamic"
}
locals {
backend_address_pool_name = "${azurerm_virtual_network.example.name}-beap"
frontend_port_name = "${azurerm_virtual_network.example.name}-feport"
frontend_ip_configuration_name = "${azurerm_virtual_network.example.name}-feip"
http_setting_name = "${azurerm_virtual_network.example.name}-be-htst"
listener_name = "${azurerm_virtual_network.example.name}-httplstn"
request_routing_rule_name = "${azurerm_virtual_network.example.name}-rqrt"
redirect_configuration_name = "${azurerm_virtual_network.example.name}-rdrcfg"
}
resource "azurerm_application_gateway" "network" {
name = "name-gateway-wgrkecswbk"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
sku {
name = "Standard_Small"
tier = "Standard"
capacity = 2
}
gateway_ip_configuration {
name = "my-gateway-ip-configuration"
subnet_id = azurerm_subnet.frontend.id
}
frontend_port {
name = local.frontend_port_name
port = 80
}
frontend_ip_configuration {
name = local.frontend_ip_configuration_name
public_ip_address_id = azurerm_public_ip.example.id
}
backend_address_pool {
name = local.backend_address_pool_name
}
backend_http_settings {
name = local.http_setting_name
cookie_based_affinity = "Disabled"
path = "/path1/"
port = 80
protocol = "Http"
request_timeout = 60
}
http_listener {
name = local.listener_name
frontend_ip_configuration_name = local.frontend_ip_configuration_name
frontend_port_name = local.frontend_port_name
protocol = "Http"
}
request_routing_rule {
name = local.request_routing_rule_name
rule_type = "Basic"
http_listener_name = local.listener_name
backend_address_pool_name = local.backend_address_pool_name
backend_http_settings_name = local.http_setting_name
}
}
provider tf as follows:
terraform {
required_version = "~>1.3.3"
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">=3.5.0"
}
}
}
Output while running plan command
terraform plan
upon apply
terraform apply -auto-approve
From Portal:
The issue was that under ssl_certificate, the name property was using a variable ssl_certificate_name which turned out to be empty.
Then, the error coming back from Azure was half correct: it was an invalid name used, since it was an empty var, but not at the resource level (azurerm_application_gateway.name); instead it was at the inner block azurerm_application_gateway.name.ssl_certificate.name level.
Code:
resource "azurerm_application_gateway" "name" {
//....
ssl_certificate {
// var contents were empty
name = var.ssl_certificate_name
}
}
Already reported this issue to Azure so hopefully it gets resolved soon.
Provider version was 3.37
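The failure described in the answer above, an empty name in a nested block reported as if the gateway name itself were invalid, can be located before apply by checking every nested name in the plan. This is an added example, not code from the post: it assumes a plan exported with `terraform show -json`, uses a constructed sample plan, and the helper names `invalid_names` and `check_plan` are hypothetical. Applying the rule from the error message to every nested `name` is an assumption.

```python
import json
import re

# Rule as quoted in the Azure error message on this page: up to 80 characters,
# begins with a word character, ends with a word character or '_', and may
# contain word characters, '.', '-' or '_'. ('\w' already includes '_'.)
AZURE_NAME_RE = re.compile(r"^\w(?:[\w.-]{0,78}\w)?$", re.ASCII)


def invalid_names(value, path=""):
    """Yield (path, value) for every string 'name' attribute that breaks the rule."""
    if isinstance(value, dict):
        for key, child in value.items():
            child_path = f"{path}.{key}" if path else key
            if key == "name" and isinstance(child, str):
                if not AZURE_NAME_RE.fullmatch(child):
                    yield child_path, child
            else:
                yield from invalid_names(child, child_path)
    elif isinstance(value, list):
        for index, child in enumerate(value):
            yield from invalid_names(child, f"{path}[{index}]")


def check_plan(plan, resource_type="azurerm_application_gateway"):
    """Return one finding per invalid name in planned resources of the given type."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != resource_type:
            continue
        # 'after' holds the planned values; values unknown until apply are absent.
        after = (rc.get("change") or {}).get("after") or {}
        for path, value in invalid_names(after):
            findings.append(f"{rc['address']}: {path} = {value!r}")
    return findings


# Constructed sample: a trimmed plan in which var.ssl_certificate_name was empty.
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [{
    "address": "azurerm_application_gateway.name",
    "type": "azurerm_application_gateway",
    "change": {
      "actions": ["create"],
      "after": {
        "name": "name-gateway-wgrkecswbk",
        "sku": [{"name": "Standard_Small", "tier": "Standard", "capacity": 2}],
        "frontend_port": [{"name": "examples-network-feport", "port": 80}],
        "ssl_certificate": [{"name": ""}]
      }
    }
  }]
}
""")

if __name__ == "__main__":
    for finding in check_plan(SAMPLE_PLAN):
        print(finding)
```

The gateway's own name passes the rule; the only finding is the empty `ssl_certificate[0].name`, which is the attribute the Azure error did not identify.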
Currently I'm trying to create a new Internal Load Balancer, which uses existing VMs already present in Azure. I was looking at how I can include these VMs' data in the Terraform script. I did a bit of research on this and found some have done it through NAT association, which doesn't work in my case, as I'm trying to deploy an Internal Load Balancer.
Please assist.
Current code:
data "azurerm_virtual_network" "vnet0001" {
  name                = "vnet0001"
  resource_group_name = "vnet-rg"
}
data "azurerm_subnet" "sub" {
  name                 = "vnet00001-sub"
  virtual_network_name = data.azurerm_virtual_network.vnet0001.name # required by the data source
  resource_group_name  = "vnet-rg"
}
resource "azurerm_lb" "terra-app" {
  name                = "lb-dev"
  location            = "East US2"
  resource_group_name = azurerm_resource_group.terra-app.name
  sku                 = "Standard"
  sku_tier            = "Regional" # argument names use underscores, not hyphens
  frontend_ip_configuration {
    name                          = "frontendip"
    zones                         = ["1", "2", "3"]
    subnet_id                     = data.azurerm_subnet.sub.id # data sources need the data. prefix
    private_ip_address_allocation = "Dynamic"
  }
}
resource "azurerm_lb_backend_address_pool" "terra-app" {
  loadbalancer_id = azurerm_lb.terra-app.id
  name            = "lb-backendpool"
}
resource "azurerm_lb_probe" "h-probe" {
  loadbalancer_id = azurerm_lb.terra-app.id
  name            = "hp1"
  port            = 111
  protocol        = "Tcp" # request_path is only allowed for Http/Https probes
}
resource "azurerm_lb_rule" "lb-rule" {
  loadbalancer_id                = azurerm_lb.terra-app.id
  name                           = "lb-r1"
  protocol                       = "Tcp"
  frontend_port                  = 111
  backend_port                   = 111
  frontend_ip_configuration_name = "frontendip"
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.terra-app.id] # expects a list
  probe_id                       = azurerm_lb_probe.h-probe.id # matches the probe declared above
}
I tried to reproduce the same issue in my environment and got the below results.
I have added the following script to the file below:
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "my-rg-test" {
name = "RG-Terraform-on-Azure"
location = "West Europe"
}
resource "azurerm_virtual_network" "my-vnet-test" {
name = "example-vnet"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.my-rg-test.location
resource_group_name = azurerm_resource_group.my-rg-test.name
}
resource "azurerm_subnet" "example" {
name = "example-subnet"
resource_group_name = azurerm_resource_group.my-rg-test.name
virtual_network_name = azurerm_virtual_network.my-vnet-test.name
address_prefixes = ["10.0.2.0/24"]
service_endpoints = ["Microsoft.Storage"]
}
resource "azurerm_lb" "terra-app" {
  name = "lb-dev"
  # The load balancer must be in the same region as the subnet it fronts,
  # so reuse the resource group declared above.
  location            = azurerm_resource_group.my-rg-test.location
  resource_group_name = azurerm_resource_group.my-rg-test.name
  sku                 = "Standard"
  sku_tier            = "Regional" # argument names use underscores, not hyphens
  frontend_ip_configuration {
    name                          = "frontendip"
    zones                         = ["1", "2", "3"]
    subnet_id                     = azurerm_subnet.example.id # the subnet declared above
    private_ip_address_allocation = "Dynamic"
  }
}
resource "azurerm_lb_backend_address_pool" "terra-app" {
  loadbalancer_id = azurerm_lb.terra-app.id
  name            = "lb-backendpool"
}
resource "azurerm_lb_probe" "h-probe" {
  loadbalancer_id = azurerm_lb.terra-app.id
  name            = "hp1"
  port            = 111
  protocol        = "Tcp" # request_path is only allowed for Http/Https probes
}
resource "azurerm_lb_rule" "lb-rule" {
  loadbalancer_id                = azurerm_lb.terra-app.id
  name                           = "lb-r1"
  protocol                       = "Tcp"
  frontend_port                  = 111
  backend_port                   = 111
  frontend_ip_configuration_name = "frontendip"
  backend_address_pool_ids       = [azurerm_lb_backend_address_pool.terra-app.id] # expects a list
  probe_id                       = azurerm_lb_probe.h-probe.id # matches the probe declared above
}
I used the following commands to execute the file:
terraform init
This command initializes the configuration.
terraform plan
This command determines what needs to be created, updated or destroyed to move from the current state to the desired state.
terraform apply
This command performs the changes required to reach the desired state.
When I open the portal I am able to see the load balancer which I have newly created.
I am trying to set up a Databricks workspace in a subnet and protect it with firewalls using the following code in Terraform:
Setup resource group:
provider "azurerm" {
features {
resource_group {
prevent_deletion_if_contains_resources = false
}
}
}
resource "azurerm_resource_group" "main_resource_group" {
name = var.resource_group_name
location = var.resource_group_location
}
Setup virtual network:
resource "azurerm_virtual_network" "test_vnet" {
name = var.vnet_name
address_space = ["10.0.0.0/16"]
location = var.resource_group_location
resource_group_name = var.resource_group_name
}
Setup subnets:
resource "azurerm_subnet" "private_snet" {
name = "subnet-private"
resource_group_name = var.resource_group_name
virtual_network_name = var.vnet_name
address_prefixes = ["10.0.1.0/24"]
delegation {
name = "databricksprivatermdelegation"
service_delegation {
name = "Microsoft.Databricks/workspaces"
}
}
}
resource "azurerm_subnet" "public_snet" {
name = "subnet-public"
resource_group_name = var.resource_group_name
virtual_network_name = var.vnet_name
address_prefixes = ["10.0.2.0/24"]
delegation {
name = "databrickspublicdelegation"
service_delegation {
name = "Microsoft.Databricks/workspaces"
}
}
}
Setup firewalls:
resource "azurerm_network_security_group" "private_empty_nsg" {
name = "firewall-private"
location = var.resource_group_location
resource_group_name = var.resource_group_name
}
resource "azurerm_subnet_network_security_group_association" "private_nsg_asso" {
subnet_id = azurerm_subnet.private_snet.id
network_security_group_id = azurerm_network_security_group.private_empty_nsg.id
}
resource "azurerm_network_security_group" "public_empty_nsg" {
name = "firewall-public"
location = var.resource_group_location
resource_group_name = var.resource_group_name
}
resource "azurerm_subnet_network_security_group_association" "public_nsg_asso" {
subnet_id = azurerm_subnet.public_snet.id
network_security_group_id = azurerm_network_security_group.public_empty_nsg.id
}
And finally setup the databricks:
resource "azurerm_databricks_workspace" "forex_price_databricks" {
name = "databricks-test"
location = var.resource_group_location
resource_group_name = var.resource_group_name
sku = "standard"
custom_parameters {
virtual_network_id = azurerm_virtual_network.test_vnet.id
public_subnet_name = azurerm_subnet.public_snet.name
public_subnet_network_security_group_association_id = azurerm_network_security_group.public_empty_nsg.id
private_subnet_name = azurerm_subnet.private_snet.name
private_subnet_network_security_group_association_id = azurerm_network_security_group.private_empty_nsg.id
}
}
However, when I ran the code, on the first try I got the below error:
Error: Code="ResourceNotFound" Message="The Resource 'Microsoft.Network/virtualNetworks/my-vnet' under resource group 'My-Resource-Group' was not found.
So, the question is:
Why is the Virtual Network not created? Or why can it not be found?
Update:
When I remove the
resource_group {
prevent_deletion_if_contains_resources = false
}
I used to have this line because I usually run terraform destroy and I don't want to remove my resource group. However, even if I remove it, I got the below error:
Message="Operation was canceled." Details=[{"code":"CanceledAndSupersededDueToAnotherOperation","message":"Operation PutVirtualNetworkOperation was canceled and superseded by operation PutSubnetOperation
Are you able to reproduce the same error ?
I am trying to create resources in Azure using Terraform: a SQL server database and also a virtual machine. I get the error.
│ Error: creating Subnet: (Name "db_subnetn" / Virtual Network Name "tf_dev-network" / Resource Group "terraform_youtube"): network.SubnetsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="NetcfgInvalidSubnet" Message="Subnet 'db_subnetn' is not valid in virtual network 'tf_dev-network'." Details=[]
What have I done?
Followed the link here: Error while provisioning Terraform subnet using azurerm
I deleted other network resources using the same IP range.
My network understanding is pretty basic; however, from my research it appears that 10.0.0.0/16 is quite a large IP range and can lead to overlaps. So what did I do? I changed the virtual network IP range from 10.0.0.0/16 to 10.0.1.0/24 to restrict the range. What simply happened is that the error changed to
│ Error: creating Subnet: (Name "internal" / Virtual Network Name "tf_dev-network" / Resource Group "terraform_youtube"): network.SubnetsClient#CreateOrUpdate: Failure sending request: StatusCode=400 -- Original Error: Code="NetcfgInvalidSubnet" Message="Subnet 'internal' is not valid in virtual network 'tf_dev-network'." Details=[]
At this stage, I would be grateful if someone can explain what is going wrong here and what needs to be done. Thanks in advance
My files are as follows.
dbcode.tf
resource "azurerm_sql_server" "sqlserver" {
name = "tom556sqlserver"
resource_group_name = azurerm_resource_group.resource_gp.name
location = azurerm_resource_group.resource_gp.location
version = "12.0"
administrator_login = "khdfd9898rerer"
administrator_login_password = "4-v3ry-jlhdfdf89-p455w0rd"
tags = {
environment = "production"
}
}
resource "azurerm_sql_virtual_network_rule" "sqlvnetrule" {
name = "sql_vnet_rule"
resource_group_name = azurerm_resource_group.resource_gp.name
server_name = azurerm_sql_server.sqlserver.name
subnet_id = azurerm_subnet.db_subnet.id
}
resource "azurerm_subnet" "db_subnet" {
name = "db_subnetn"
resource_group_name = azurerm_resource_group.resource_gp.name
virtual_network_name = azurerm_virtual_network.main.name
address_prefixes = ["10.0.2.0/24"]
service_endpoints = ["Microsoft.Sql"]
}
main.tf
resource "azurerm_resource_group" "resource_gp" {
name="terraform_youtube"
location = "UK South"
tags = {
"owner" = "Rahman"
"purpose" = "Practice terraform"
}
}
variable "prefix" {
default = "tf_dev"
}
resource "azurerm_virtual_network" "main" {
name = "${var.prefix}-network"
address_space = ["10.0.0.0/16"]
location = azurerm_resource_group.resource_gp.location
resource_group_name = azurerm_resource_group.resource_gp.name
}
resource "azurerm_subnet" "internal" {
name = "internal"
resource_group_name = azurerm_resource_group.resource_gp.name
virtual_network_name = azurerm_virtual_network.main.name
address_prefixes = ["10.0.2.0/24"]
}
resource "azurerm_network_interface" "main" {
name = "${var.prefix}-nic"
location = azurerm_resource_group.resource_gp.location
resource_group_name = azurerm_resource_group.resource_gp.name
ip_configuration {
name = "testconfiguration1"
subnet_id = azurerm_subnet.internal.id
private_ip_address_allocation = "Dynamic"
}
}
resource "azurerm_virtual_machine" "main" {
name = "${var.prefix}-vm"
location = azurerm_resource_group.resource_gp.location
resource_group_name = azurerm_resource_group.resource_gp.name
network_interface_ids = [azurerm_network_interface.main.id]
vm_size = "Standard_B1ls"
# Uncomment this line to delete the OS disk automatically when deleting the VM
delete_os_disk_on_termination = true
# Uncomment this line to delete the data disks automatically when deleting the VM
delete_data_disks_on_termination = true
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "16.04-LTS"
version = "latest"
}
storage_os_disk {
name = "myosdisk1"
caching = "ReadWrite"
create_option = "FromImage"
managed_disk_type = "Standard_LRS"
}
os_profile {
computer_name = "hostname"
admin_username = "testadmin"
admin_password = "Password1234!"
}
os_profile_linux_config {
disable_password_authentication = false
}
tags = {
environment = "staging"
}
}
I tested with your code in my environment and was getting the same error.
To fix the issue you need to change address_prefixes for db_subnet to ["10.0.3.0/24"], as the ["10.0.2.0/24"] address range is already used by the internal subnet in your main.tf. Also check the update for sqlvnetrule and make the changes in your dbcode.tf file.
resource "azurerm_mssql_server" "sqlserver" {
name = "tom556sqlserver"
resource_group_name = azurerm_resource_group.resource_gp.name
location = azurerm_resource_group.resource_gp.location
version = "12.0"
administrator_login = "khdfd9898rerer"
administrator_login_password = "4-v3ry-jlhdfdf89-p455w0rd"
tags = {
environment = "production"
}
}
resource "azurerm_subnet" "db_subnet" {
name = "db_subnetn"
resource_group_name = azurerm_resource_group.resource_gp.name
virtual_network_name = azurerm_virtual_network.main.name
address_prefixes = ["10.0.3.0/24"]
service_endpoints = ["Microsoft.Sql"]
}
resource "azurerm_mssql_virtual_network_rule" "sqlvnetrule" {
name = "sql_vnet_rule"
#resource_group_name = azurerm_resource_group.resource_gp.name
#server_name = azurerm_sql_server.sqlserver.name
server_id = azurerm_mssql_server.sqlserver.id
subnet_id = azurerm_subnet.db_subnet.id
}
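Both NetcfgInvalidSubnet errors in this thread come from address-range mistakes that can be checked offline: two subnets sharing 10.0.2.0/24, and, after the virtual network was narrowed to 10.0.1.0/24, subnets falling outside the address space. This is an added example, not code from either post; the function name `check_subnets` is hypothetical and the inputs are the values from the question's files.

```python
from ipaddress import ip_network
from itertools import combinations


def check_subnets(address_space, subnets):
    """Return findings for subnets outside the VNet space or overlapping each other.

    address_space: list of CIDR strings (azurerm_virtual_network.address_space)
    subnets: dict of subnet name -> list of CIDR strings (address_prefixes)
    """
    space = [ip_network(cidr) for cidr in address_space]
    parsed = [
        (name, ip_network(cidr))
        for name, prefixes in subnets.items()
        for cidr in prefixes
    ]

    findings = []
    # A subnet prefix must sit inside one of the VNet's address ranges.
    for name, net in parsed:
        inside = any(net.version == s.version and net.subnet_of(s) for s in space)
        if not inside:
            findings.append(
                f"{name} {net} is outside address space {', '.join(address_space)}"
            )
    # No two subnets in the same VNet may share addresses.
    for (a_name, a), (b_name, b) in combinations(parsed, 2):
        if a.version == b.version and a.overlaps(b):
            findings.append(f"{a_name} {a} overlaps {b_name} {b}")
    return findings


# Values taken from main.tf and dbcode.tf in the question.
ORIGINAL = {"internal": ["10.0.2.0/24"], "db_subnet": ["10.0.2.0/24"]}
# Values after the change proposed in the answer.
FIXED = {"internal": ["10.0.2.0/24"], "db_subnet": ["10.0.3.0/24"]}

if __name__ == "__main__":
    print("original:", check_subnets(["10.0.0.0/16"], ORIGINAL))
    print("narrowed VNet:", check_subnets(["10.0.1.0/24"], ORIGINAL))
    print("fixed:", check_subnets(["10.0.0.0/16"], FIXED))
```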
I'm trying to build a script that will build VMs based on count. I have managed to get most of it working, but the part I'm failing on is assigning the created public IPs to the NIC.
The public IPs are created but fail on the assignment; I'm not sure how to parse correctly. Code and errors:
# Create public IPs
resource "azurerm_public_ip" "myterraformpublicip" {
count = 2
name = "myPublicIP-${count.index + 1}"
location = "westeurope"
resource_group_name = azurerm_resource_group.myterraformgroup.name
allocation_method = "Dynamic"
}
# Create network interface
resource "azurerm_network_interface" "myterraformnic" {
count = 2
name = "myNIC-${count.index + 1}"
location = "westeurope"
resource_group_name = azurerm_resource_group.myterraformgroup.name
ip_configuration {
name = "myNicConfiguration"
subnet_id = azurerm_subnet.myterraformsubnet.id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = "azurerm_network_interface.myterraformpublicip.[count.index + 1].id"
}
}
#The error when running the plan.
Error: Can not parse "ip_configuration.0.public_ip_address_id" as a
resource id: Cannot parse Azure ID: parse
"element(azurerm_network_interface.myterraformpublicip.*.id,
count.index + 1)": invalid URI for request
You can use something like below for your requirement:
provider "azurerm" {
features{}
}
data "azurerm_resource_group" "test" {
name = "yourresourcegroup"
}
resource "azurerm_virtual_network" "vnet" {
name = "ansuman--vnet"
location = data.azurerm_resource_group.test.location
resource_group_name = data.azurerm_resource_group.test.name
address_space = ["10.0.0.0/16"]
}
variable "subnet_prefix" {
type = list
default = [
{
ip = "10.0.1.0/24"
name = "subnet-1"
},
{
ip = "10.0.2.0/24"
name = "subnet-2"
}
]
}
resource "azurerm_subnet" "test_subnet" {
name = "${lookup(element(var.subnet_prefix, count.index), "name")}"
count = "${length(var.subnet_prefix)}"
resource_group_name = data.azurerm_resource_group.test.name
virtual_network_name = azurerm_virtual_network.vnet.name
address_prefix = "${lookup(element(var.subnet_prefix, count.index), "ip")}"
}
resource "azurerm_public_ip" "myterraformpublicip" {
count = 2
name = "myPublicIP-${count.index + 1}"
location = data.azurerm_resource_group.test.location
resource_group_name = data.azurerm_resource_group.test.name
allocation_method = "Dynamic"
}
# Create network interface
resource "azurerm_network_interface" "myterraformnic" {
count = 2
name = "myNIC-${count.index + 1}"
location = data.azurerm_resource_group.test.location
resource_group_name = data.azurerm_resource_group.test.name
ip_configuration {
name = "myNicConfiguration"
subnet_id = azurerm_subnet.test_subnet[count.index].id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = azurerm_public_ip.myterraformpublicip[count.index].id
}
}
Outputs:
How do we add virtual machine as target in backend pool of an Application Gateway using terraform code ?
What property I should use in the following code to point at particular virtual Machine ?
resource "azurerm_application_gateway" "network" {
name = "example-appgateway"
resource_group_name = "${azurerm_resource_group.test.name}"
location = "${azurerm_resource_group.test.location}"
sku {
name = "Standard_Small"
tier = "Standard"
capacity = 2
}
gateway_ip_configuration {
name = "my-gateway-ip-configuration"
subnet_id = "${azurerm_subnet.frontend.id}"
}
frontend_port {
name = "${local.frontend_port_name}"
port = 80
}
frontend_ip_configuration {
name = "${local.frontend_ip_configuration_name}"
public_ip_address_id = "${azurerm_public_ip.test.id}"
}
backend_address_pool {
name = "${local.backend_address_pool_name}"
}
backend_http_settings {
name = "${local.http_setting_name}"
cookie_based_affinity = "Disabled"
port = 80
protocol = "Http"
request_timeout = 1
}
http_listener {
name = "${local.listener_name}"
frontend_ip_configuration_name = "${local.frontend_ip_configuration_name}"
frontend_port_name = "${local.frontend_port_name}"
protocol = "Http"
}
request_routing_rule {
name = "${local.request_routing_rule_name}"
rule_type = "Basic"
http_listener_name = "${local.listener_name}"
backend_address_pool_name = "${local.backend_address_pool_name}"
backend_http_settings_name = "${local.http_setting_name}"
}
}
The backend_address_pool block supports:
name - (Required) User defined name for a backend address pool.
ip_addresses - (Optional) List of public IP addresses, or internal IP addresses in a backend address pool.
fqdns - (Optional) List of FQDNs in a backend address pool.
Terraform is a bit silly in this regard, and you have to use a separate proxy resource (which doesn't even exist in Azure) to configure this:
resource "azurerm_resource_group" "test" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_virtual_network" "test" {
name = "example-network"
address_space = ["10.0.0.0/16"]
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
}
resource "azurerm_subnet" "frontend" {
name = "frontend"
resource_group_name = "${azurerm_resource_group.test.name}"
virtual_network_name = "${azurerm_virtual_network.test.name}"
address_prefix = "10.254.0.0/24"
}
resource "azurerm_subnet" "backend" {
name = "backend"
resource_group_name = "${azurerm_resource_group.test.name}"
virtual_network_name = "${azurerm_virtual_network.test.name}"
address_prefix = "10.254.2.0/24"
}
resource "azurerm_public_ip" "test" {
name = "example-pip"
location = "${azurerm_resource_group.test.location}"
resource_group_name = "${azurerm_resource_group.test.name}"
allocation_method = "Dynamic"
}
# since these variables are re-used - a locals block makes this more maintainable
locals {
backend_address_pool_name = "${azurerm_virtual_network.test.name}-beap"
frontend_port_name = "${azurerm_virtual_network.test.name}-feport"
frontend_ip_configuration_name = "${azurerm_virtual_network.test.name}-feip"
http_setting_name = "${azurerm_virtual_network.test.name}-be-htst"
listener_name = "${azurerm_virtual_network.test.name}-httplstn"
request_routing_rule_name = "${azurerm_virtual_network.test.name}-rqrt"
}
resource "azurerm_application_gateway" "network" {
  name                = "example-appgateway"
  resource_group_name = "${azurerm_resource_group.test.name}"
  location            = "${azurerm_resource_group.test.location}"
  # removed for brevity, check full example at the link below
}
# binding happens here
resource "azurerm_network_interface_application_gateway_backend_address_pool_association" "test" {
  network_interface_id  = "${azurerm_network_interface.test.id}"
  ip_configuration_name = "testconfiguration1"
  # the gateway resource above is labelled "network"
  backend_address_pool_id = "${azurerm_application_gateway.network.backend_address_pool.0.id}"
}
Reading:
https://www.terraform.io/docs/providers/azurerm/r/network_interface_application_gateway_backend_address_pool_association.html
If someone is looking at adding an App Service to the backend, this is what you need to do:
backend_address_pool {
name = local.backend_address_pool_name
fqdns = ["${azurerm_function_app.function_app.name}.azurewebsites.net"]
}