am trying to deploy the azure notification hub using terrafrom.
while integrating the google API token, if the token does not exist deployment is going to fail.
want deploy the notification hub with out the token for that using dyanamic block.
dynamic gcmcred {
for_each = var.gcm_api == null ? [] : [ "dummy" ]
content {
gcm_credential {
api_key = var.gcm_api.token
}
}
}
below mentioned way declared the variable
variable "gcm_api" {
type = list(string)
default = [ "null" ]
}
am getting an issue like un supported block type
Try to do it this way:
main.tf
locals {
enable_gcm_credential = var.enable_gcm_credential ? [1] : []
}
resource "azurerm_notification_hub" "notification_hub" {
name = var.name
namespace_name = var.namespace_name
resource_group_name = var.resource_group_name
location = var.location
dynamic "gcm_credential" {
for_each = local.enable_gcm_credential
content {
api_key = var.api_key
}
}
}
variables.tf
variable "enable_gcm_credential" {
type = bool
default = false
}
...
Related
I am fairly new to terraform and trying to create a google_compute_backend_service using terraform and there are multiple backend blocks inside the resource as shown below:
resource "google_compute_backend_service" "app-backend" {
log_config {
enable = "true"
sample_rate = "1"
}
name = "app-backend"
port_name = "http-34070"
project = "my-project"
protocol = "HTTP"
session_affinity = "NONE"
timeout_sec = "30"
backend {
group = "insatnce-group1"
}
backend {
group = "instance-group2"
}
backend {
group = "instance-group3"
}
health_checks = [google_compute_http_health_check.app-http-l7.name]
}
As seen in the code block above the backend block repeats multiple times. I want to make it dynamic so I do not have to write multiple blocks manually.
I tried the following:
Created a variable in the variables.tf file that contains all the instance groups:
variable "groups" {
type = list(object({
name = string
}))
default = [{ name = "instance-group1"},
{ name = "instance-group2"},
{ name = "instance-group3"}]
}
And modified my resource block to this:
resource "google_compute_backend_service" "app-backend" {
log_config {
enable = "true"
sample_rate = "1"
}
name = "app-backend"
port_name = "http-34070"
project = "my-project"
protocol = "HTTP"
session_affinity = "NONE"
timeout_sec = "30"
dynamic "backend" {
for_each = var.groups
iterator = item
group = item.value.name
}
health_checks = [google_compute_http_health_check.app-http-l7.name]
}
However, when I execute terraform plan I get the following error:
Error: Unsupported argument
│
│ on backend_service.tf line 15, in resource "google_compute_backend_service" "app-backend":
│ 15: group = item.value.name
│
│ An argument named "group" is not expected here.
Where am I going wrong? Is there a better way to achieve this?
You can check the dynamic blocks documentation for the syntax. Otherwise, you had the right idea.
dynamic "backend" {
for_each = var.groups
content {
group = backend.value.name
}
}
You can also simplify the variable structure to make this even easier.
variable "groups" {
type = set(string)
default = ["instance-group1", "instance-group2", "instance-group3"]
}
dynamic "backend" {
for_each = var.groups
content {
group = backend.value
}
}
I’m trying to create data proc cluster in GCP using terraform resource google_dataproc_cluster. I would like to create Component gateway along with that. Upon seeing the documentation, it has been stated as to use the below snippet for creation:
cluster_config {
endpoint_config {
enable_http_port_access = "true"
}
}
Upon running the terraform plan, i see the error as " Error: Unsupported block type". And also tried using the override_properties and in the GCP data proc, i could see that the property is enabled, but still the Gateway Component is disabled. Wanted to understand, is there an issue upon calling the one given in the Terraform documentation and also is there an alternate for me to use it what?
software_config {
image_version = "${var.image_version}"
override_properties = {
"dataproc:dataproc.allow.zero.workers" = "true"
"dataproc:dataproc.enable_component_gateway" = "true"
}
}
The below is the error while running the terraform apply.
Error: Unsupported block type
on main.tf line 35, in resource "google_dataproc_cluster" "dataproc_cluster":
35: endpoint_config {
Blocks of type "endpoint_config" are not expected here.
RESOURCE BLOCK:
resource "google_dataproc_cluster" "dataproc_cluster" {
name = "${var.cluster_name}"
region = "${var.region}"
graceful_decommission_timeout = "120s"
labels = "${var.labels}"
cluster_config {
staging_bucket = "${var.staging_bucket}"
/*endpoint_config {
enable_http_port_access = "true"
}*/
software_config {
image_version = "${var.image_version}"
override_properties = {
"dataproc:dataproc.allow.zero.workers" = "true"
"dataproc:dataproc.enable_component_gateway" = "true" /* Has Been Added as part of Component Gateway Enabled which is already enabled in the endpoint_config*/
}
}
gce_cluster_config {
// network = "${var.network}"
subnetwork = "${var.subnetwork}"
zone = "${var.zone}"
//internal_ip_only = true
tags = "${var.network_tags}"
service_account_scopes = [
"cloud-platform"
]
}
master_config {
num_instances = "${var.master_num_instances}"
machine_type = "${var.master_machine_type}"
disk_config {
boot_disk_type = "${var.master_boot_disk_type}"
boot_disk_size_gb = "${var.master_boot_disk_size_gb}"
num_local_ssds = "${var.master_num_local_ssds}"
}
}
}
depends_on = [google_storage_bucket.dataproc_cluster_storage_bucket]
timeouts {
create = "30m"
delete = "30m"
}
}
Below is the snippet that worked for me to enable component gateway in GCP
provider "google-beta" {
project = "project_id"
}
resource "google_dataproc_cluster" "dataproc_cluster" {
name = "clustername"
provider = google-beta
region = us-east1
graceful_decommission_timeout = "120s"
cluster_config {
endpoint_config {
enable_http_port_access = "true"
}
}
This issue is discussed in this Git thread.
You can enable the component gateways in Cloud Dataproc by using google-beta provider in the Dataproc cluster and root configuration of terraform.
sample configuration:
# Terraform configuration goes here
provider "google-beta" {
project = "my-project"
}
resource "google_dataproc_cluster" "mycluster" {
provider = "google-beta"
name = "mycluster"
region = "us-central1"
graceful_decommission_timeout = "120s"
labels = {
foo = "bar"
}
...
...
}
I'm trying to setup Azure Kubernetes Services with Terraform with the 'Azure Voting'-app.
I'm using the code mentioned below, however I keep getting the error on the Load Balancer: "Internal Server Error". Any idea what is going wrong here?
Seems like the Load Balancer to Endpoint (POD) is configured correclt,y thus not sure what is missing here.
main.tf
provider "azurerm" {
features {}
}
data "azurerm_kubernetes_cluster" "aks" {
name = "kubernetescluster"
resource_group_name = "myResourceGroup"
}
provider "kubernetes" {
host = data.azurerm_kubernetes_cluster.aks.kube_config[0].host
client_certificate = base64decode(data.azurerm_kubernetes_cluster.aks.kube_config.0.client_certificate)
client_key = base64decode(data.azurerm_kubernetes_cluster.aks.kube_config.0.client_key)
cluster_ca_certificate = base64decode(data.azurerm_kubernetes_cluster.aks.kube_config.0.cluster_ca_certificate)
}
resource "kubernetes_namespace" "azurevote" {
metadata {
annotations = {
name = "azurevote-annotation"
}
labels = {
mylabel = "azurevote-value"
}
name = "azurevote"
}
}
resource "kubernetes_service" "example" {
metadata {
name = "terraform-example"
}
spec {
selector = {
app = kubernetes_pod.example.metadata.0.labels.app
}
session_affinity = "ClientIP"
port {
port = 80
target_port = 80
}
type = "LoadBalancer"
}
}
resource "kubernetes_pod" "example" {
metadata {
name = "terraform-example"
labels = {
app = "azure-vote-front"
}
}
spec {
container {
image = "mcr.microsoft.com/azuredocs/azure-vote-front:v1"
name = "example"
}
}
}
variables.tf
variable "prefix" {
type = string
default = "ab"
description = "A prefix used for all resources in this example"
}
It seems that your infrastructure setup is ok, the only thing is the application itself, you create only the front app, and you need to create the backend app to.
You can see the deployment examples here.
You also can see here the exception when you run the frontend without the backend.
I want to deploy multiple azure cloud resources with terraform. My problem is with the terraform script for an azure IoT Hub, exspecially the ip restriction rules. According to the documentation I can do something like this
resource "azurerm_iothub" "iothubname" {
name = "somename"
resource_group_name = azurerm_resource_group.someresourcegroup
location = azurerm_resource_group.somelocation
sku {
name = "B2"
capacity = "2"
}
fallback_route {
enabled = true
}
ip_filter_rule {
action = "Accept"
ip_mask ="some_ip_range_1"
name = "some_name_1"
}
ip_filter_rule {
action = "Accept"
ip_mask ="some_ip_range_2"
name = "some_name_2" }
ip_filter_rule {
action = "Accept"
ip_mask ="some_ip_range_3"
name = "some_name_3"
}
ip_filter_rule {
action = "Reject"
ip_mask ="0.0.0.0/0"
name = "everything_else"
}
}
Everything works fine, ecept that the ordering of the ip rules is not the same as above and in my case I definitely want the last rule to be the the one with the lowest priority on azure. Azure IoT hub applies the filter rules in order.
How can I enforce a certain ordering of ip filter?
You can try to use dynamic blocks
https://www.terraform.io/docs/configuration/expressions/dynamic-blocks.html
File main.tf
resource "azurerm_iothub" "iothubname" {
name = "somename"
resource_group_name = azurerm_resource_group.someresourcegroup
location = azurerm_resource_group.somelocation
sku {
name = "B2"
capacity = "2"
}
fallback_route {
enabled = true
}
dynamic "ip_filter_rule" {
for_each = var.ip_filter_rule_list
content {
action = ip_filter_rule.value.action
ip_mask = ip_filter_rule.value.ip_mask
name = ip_filter_rule.value.name
}
}
}
File variables.tf
variable "ip_filter_rule_list" {
type = list
default = []
}
Update
Bug is fixed in terraform provider azurerm v2.57.0
https://github.com/terraform-providers/terraform-provider-azurerm/pull/11390
Need suggestion.
I am trying to run the below code. First adf is imported which has the vsts configuration.
For second adf, i dont need the vsts configuration. I have tried using dymanic block, but getting error as below.
on main.tf line 16, in resource "azurerm_data_factory" "adf":
2020-12-24T08:13:44.3101544Z 16: dynamic [4m"action"
[0m {
2020-12-24T08:13:44.3101802Z [0m
2020-12-24T08:13:44.3102076Z Blocks of type "action" are not expected here.
Main.tf
resource "azurerm_data_factory" "adf"{
for_each = var.purposes
name=lower("${var.component}-${var.project}-${var.regionname}-${var.azureregion}-${var.environment}-${each.value.purpose}")
location = data.azurerm_resource_group.rg.location
resource_group_name = data.azurerm_resource_group.rg.name
identity{
type="SystemAssigned"
}
dynamic "action" {
for_each = var.vsts_config ? [1] : []
content {
vsts_configuration {
account_name = var.accountname
branch_name = var.branchname
project_name = var.projectname
repository_name = var.repository
tenant_id = "__tenantId__"
root_folder = var.rootfolder
}
}
}
}
input.tfvars
purposes = {
a = {
purpose = "load",
}
b = {
purpose = "live",
}
}
action is not a valid block in azurerm_data_factory. If you want to make vsts_configuration block optional, then you code should be:
dynamic "vsts_configuration" {
for_each = var.vsts_config ? [1] : []
content {
account_name = var.accountname
branch_name = var.branchname
project_name = var.projectname
repository_name = var.repository
tenant_id = "__tenantId__"
root_folder = var.rootfolder
}
}