问题
using the provider block
provider "azurerm" {
subscription_id = var.subscription_id
version = "=1.44"
}
and after successfully logging in with
az login
running
terraform plan
I get the following error:
Error: Error building account: Error getting authenticated object ID: Error parsing json result from the Azure CLI: Error waiting for the Azure CLI: exit status 2
on main.tf line 21, in provider "azurerm":
21: provider "azurerm" {
UPDATE:
If I change the provider block to:
provider "azurerm" {
version = "~> 1.43"
}
and set the environment variables
ARM_USE_MSI=true
ARM_SUBSCRIPTION_ID=<...>
ARM_TENANT_ID=<...>
HTTP_PROXY=<...>
HTTPS_PROXY=<...>
http_proxy=<...>
https_proxy=<...>
than after executing terraform plan I get the following error:
Connection to 169.254.169.254 failed. No route to host.
which is very strange, as it seems to me, that a service endpoints IP is "hardcoded" into the terraform client.
回答1:
Removing variable
ARM_USE_MSI=true
Solved my problem.
This variable tells terraform to use Managed Service Identity. See the docs. The problem was, that the Azure Instance Metadata service endpoint(available on the above mentioned IP), that is used from that point, is only accessible from within a VM, and I was running the terraform from my desktop.
来源:https://stackoverflow.com/questions/60295915/terraform-with-azure-cli-error-building-account