使用Terraform在Azure上部署应用程序服务时发生未经授权的错误
我正在尝试使用Terraform在azure应用程序服务上部署windows容器。应用程序服务计划部署正常,但当应用程序服务尝试部署时,我收到一个授权错误。我正在使用带有管理员用户和密码的ACR实例的连接字符串。有人有什么想法吗 如果我从门户手动执行部署,则部署工作正常使用Terraform在Azure上部署应用程序服务时发生未经授权的错误,azure,terraform,azure-web-app-service,Azure,Terraform,Azure Web App Service,我正在尝试使用Terraform在azure应用程序服务上部署windows容器。应用程序服务计划部署正常,但当应用程序服务尝试部署时,我收到一个授权错误。我正在使用带有管理员用户和密码的ACR实例的连接字符串。有人有什么想法吗 如果我从门户手动执行部署,则部署工作正常 # Create an App Service Plan with Windows resource "azurerm_app_service_plan" "appserviceplan" { name
# Create an App Service Plan with Windows
resource "azurerm_app_service_plan" "appserviceplan" {
name = "${var.rg-name}-plan"
location = "westus"
resource_group_name = var.rg-name
# Define Windows as Host OS
kind = "xenon"
is_xenon = true
# Choose size
sku {
tier = "PremiumContainer"
size = "PC2"
}
}
# Create an Azure Web App for Containers in that App Service Plan
resource "azurerm_app_service" "dockerapp" {
name = "${var.rg-name}-dockerapp"
location = "westus"
resource_group_name = "${var.rg-name}"
app_service_plan_id = "${azurerm_app_service_plan.appserviceplan.id}"
# Configure Docker Image to load on start
site_config {
windows_fx_version = "DOCKER|apps.azurecr.io/test/container:latest"
}
app_settings = {
# Settings for private Container Registires
DOCKER_REGISTRY_SERVER_URL = "repo.azureco.io",
DOCKER_REGISTRY_SERVER_USERNAME = "admin user",
DOCKER_REGISTRY_SERVER_PASSWORD = "password"
}
}
错误:
Error: Error creating App Service "dockerapp" (Resource Group "resource-group"): web.AppsClient#CreateOrUpdate: Failure sending request: StatusCode=401 -- Original Error: Code="Unauthorized" Message="Access is denied. Not authorized. latest" Details=[{"Message":"Access is denied. Not authorized. latest"},{"Code":"Unauthorized"},{"ErrorEntity":{"Code":"Unauthorized","ExtendedCode":"01001","Message":"Access is denied. Not authorized. latest","MessageTemplate":"Access is denied.","Parameters":[]}}]
您能否快速检查DOCKER\u REGISTRY\u SERVER\u URL中的URL是否与您在site\u config.windows\u fx\u version中使用的URL相同您可以验证
DOCKER\u REGISTRY\u SERVER\u URL
的值是否正确,它应该是有效的URL
例如,它在您的代码中看起来是这样的
app_settings = {
# Settings for private Container Registires
DOCKER_REGISTRY_SERVER_URL = "https://apps.azurecr.io",
DOCKER_REGISTRY_SERVER_USERNAME = "admin user",
DOCKER_REGISTRY_SERVER_PASSWORD = "password"
}
有关更多参考资料,请参阅在Terraform的azure应用程序服务上部署windows容器的示例。显而易见的问题是-您确定在Terraform和门户上使用相同的帐户吗?或者尝试清除您的terraform凭据并再次登录azure您验证了吗?您还需要注意,您已经为您的ACR键入了正确的凭据。我没有,但您提供的解决方案与我在工作项目中使用的解决方案相同,我认为没有理由扩展您的答案,而不是试图从您那里抢走这一点。我相信如果他们使用它,OP的问题会得到解决。