我有一个 Terraform 脚本,用于创建 Azure Key Vault、导入 SSL 证书(带有密码的 3DES .pfx 文件)并创建带有 HTTP 侦听器的应用程序网关。我正在尝试将其更改为使用来自 KeyVault 的 SSL 证书的 HTTPS 侦听器。
我已在 Azure 门户中手动完成此过程,并使用 PowerShell 进行此操作。不幸的是,我没有发现 Terraform 的文档清楚地说明了如何实现这一点。
以下是我的应用程序网关和证书资源的相关片段:
resource "azurerm_application_gateway" "appgw" {
name = "my-appgw"
location = "australiaeast"
resource_group_name = "my-rg"
http_listener {
protocol = "https"
ssl_certificate_name = "appgw-listener-cert"
...
}
identity {
type = "UserAssigned"
identity_ids = [azurerm_user_assigned_identity.appgw_uaid.id]
}
ssl_certificate {
key_vault_secret_id = azurerm_key_vault_certificate.ssl_cert.secret_id
name = "appgw-listener-cert"
}
...
}
resource "azurerm_key_vault" "kv" {
name = "my-kv"
location = "australiaeast" …ssl-certificate terraform azure-keyvault azure-application-gateway