我正在使用最新版本的 terraform,我的代码中的 azurerm 提供程序是“~>3.0”。
我收到如下错误:检索存储帐户的静态网站属性时出错(订阅:***):context deadline exceeded(超出上下文截止时间)。
下面提供了我的代码,请帮助我解决此错误。
# Storage account from the question: Standard/LRS, TLS 1.2 minimum, no public
# nested items, no cross-tenant replication, system-assigned identity.
resource "azurerm_storage_account" "sa-int" {
  name = .......
  resource_group_name = data.azurerm_resource_group.rg.name
  location = data.azurerm_resource_group.rg.location
  account_tier = "Standard"
  account_replication_type = "LRS"
  # Blocks anonymous (public) access to containers and blobs in this account.
  allow_nested_items_to_be_public = false
  cross_tenant_replication_enabled = false
  # Rejects clients that negotiate anything older than TLS 1.2.
  min_tls_version = "TLS1_2"
  # System-assigned identity; its principal_id is referenced by the Key Vault
  # access policy further down.
  identity {
    type = "SystemAssigned"
  }
  timeouts {
    create = "1h"
    update = "30m"
    delete = "30m"
  }
  # Soft delete: deleted blobs and containers are retained for 30 days.
  blob_properties {
    delete_retention_policy {
      days = 30
    }
    container_delete_retention_policy {
      days = 30
    }
  }
  # Queue service logging (read/write/delete) and metrics, kept for 10 days.
  # NOTE(review): in azurerm 3.x these properties appear to be managed over the
  # storage data plane, so the machine running Terraform must still be able to
  # reach the account after the "Deny" network rules are applied - confirm.
  queue_properties {
    logging {
      delete = true
      read = true
      write = true
      version = "1.0"
      retention_policy_days = 10
    }
    hour_metrics {
      enabled = true
      include_apis = true
      retention_policy_days = 10
      version = "1.0"
    }
    minute_metrics {
      enabled = true
      include_apis = true
      retention_policy_days = 10
      version = "1.0"
    }
  }
}
# One private container per entry in var.containername.
resource "azurerm_storage_container" "container" {
  count = length(var.containername)

  # count.index is always below length(var.containername), so direct indexing
  # picks the same element that element() would.
  name                  = var.containername[count.index]
  storage_account_name  = azurerm_storage_account.sa-int.name
  container_access_type = "private" # no anonymous read access

  depends_on = [azurerm_storage_account.sa-int]
}
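# Runs the Azure CLI after the containers exist to enable read/write/delete
# logging with 30-day retention on the queue, table and blob services.
resource "null_resource" "log" {
  # timestamp() differs on every run, so the provisioner re-executes on each apply.
  triggers = {
    always_run = timestamp()
  }

  depends_on = [
    azurerm_storage_container.container
  ]

  provisioner "local-exec" {
    # The account key is passed through the AZURE_STORAGE_KEY environment
    # variable instead of --account-key, so it never appears on the command
    # line (process listings, CI command echo).
    # The key is still recorded in Terraform state as an attribute of the
    # storage account, so the state backend needs to be access-controlled.
    # NOTE(review): this is a data-plane call made from the machine running
    # Terraform; once default_action = "Deny" is in force it presumably only
    # succeeds from an allowed network - confirm.
    command = "az storage logging update --log rwd --retention 30 --services qtb --account-name ${azurerm_storage_account.sa-int.name}"

    environment = {
      AZURE_STORAGE_KEY = azurerm_storage_account.sa-int.primary_access_key
    }
  }
}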
# Private endpoint for the storage account's blob sub-resource, placed in the
# subnet looked up via data.azurerm_subnet.subnet.
resource "azurerm_private_endpoint" "endpoint" {
  name = ........
  resource_group_name = data.azurerm_resource_group.rgnetwork.name
  location = data.azurerm_resource_group.rgnetwork.location
  subnet_id = data.azurerm_subnet.subnet.id
  # Links the endpoint to an existing private DNS zone.
  private_dns_zone_group {
    name = .........
    private_dns_zone_ids = [data.azurerm_private_dns_zone.dns.id]
  }
  private_service_connection {
    name = ........
    # false: the connection is approved automatically rather than by hand.
    is_manual_connection = false
    private_connection_resource_id = azurerm_storage_account.sa-int.id
    # Only the blob service is exposed through this endpoint; the queue and
    # table services used elsewhere in this configuration are not covered by it.
    subresource_names = ["blob"]
  }
  # Created only after the logging provisioner has run.
  depends_on = [null_resource.log]
}
# A record named after the storage account, pointing at the private IP of the
# endpoint's service connection. Created through the aliased provider azurerm.sub.
# NOTE(review): the endpoint also declares a private_dns_zone_group for the same
# zone, which normally registers the record itself - confirm this explicit
# record is still required.
resource "azurerm_private_dns_a_record" "record" {
  provider   = azurerm.sub
  depends_on = [azurerm_private_endpoint.endpoint]

  name                = azurerm_storage_account.sa-int.name
  resource_group_name = data.azurerm_resource_group.rg.name
  zone_name           = data.azurerm_private_dns_zone.dns.name

  ttl     = 10
  records = [azurerm_private_endpoint.endpoint.private_service_connection[0].private_ip_address]
}
# Storage firewall: deny by default, allow the listed subnet, and let trusted
# Azure services bypass the rules. Applied last in the depends_on chain.
# NOTE(review): after this is applied, a Terraform runner outside the allowed
# subnet can presumably no longer reach the account's data plane - confirm
# where Terraform runs.
resource "azurerm_storage_account_network_rules" "nwrule" {
  depends_on = [azurerm_private_dns_a_record.record]

  storage_account_id = azurerm_storage_account.sa-int.id

  default_action             = "Deny"
  bypass                     = ["AzureServices"]
  virtual_network_subnet_ids = [data.azurerm_subnet.subnet.id]
}
# Grants the storage account's system-assigned identity Get/List on keys and
# Get on secrets in the existing Key Vault.
# NOTE(review): nothing visible here shows what the storage account reads from
# the vault - confirm these are the minimum permissions it needs.
resource "azurerm_key_vault_access_policy" "storage" {
  depends_on = [azurerm_storage_account.sa-int]

  key_vault_id = data.azurerm_key_vault.kv.id
  tenant_id    = data.azurerm_client_config.current.tenant_id
  object_id    = azurerm_storage_account.sa-int.identity[0].principal_id

  secret_permissions = ["Get"]
  key_permissions    = ["Get", "List"]
}
请帮我解决这个错误。
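“超出上下文截止时间”(context deadline exceeded)错误通常由网络问题引起:请求耗时超过了默认超时值。在这段配置中还需要注意,存储帐户启用了 default_action = "Deny" 的网络规则和专用终结点;如果运行 Terraform 的机器不在被允许的网络内,之后读取存储帐户属性(例如静态网站属性)的请求就可能一直等待到超时。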
就您而言,您使用的是 azurerm `version 3.0`,这也可能导致该问题。建议使用以下命令升级到最新版本。
注意:就我而言,我使用的是最新版本,它成功执行,没有任何问题
terraform init -upgrade
# Default azurerm provider for the answer's example.
provider "azurerm" {
  # The value below is not a well-formed GUID and looks scrambled for posting.
  # The subscription can also be supplied through the ARM_SUBSCRIPTION_ID
  # environment variable instead of being hard-coded in the configuration.
  subscription_id = "8332bffjgjgjglhla507-d7e60e5f09a9"

  features {}
}
# Existing resource group that every resource in this example is placed in.
data "azurerm_resource_group" "rg" {
  name = "Network-RG"
}

# Context Terraform is authenticated in; its tenant_id feeds the Key Vault
# access policy.
data "azurerm_client_config" "current" {}
# Private DNS zone used by the endpoint's zone group and the A record below.
# NOTE(review): "venkattest.com" is a demo name; for a blob private endpoint the
# zone is normally privatelink.blob.core.windows.net, otherwise the account's
# blob hostname will not resolve to the private IP - confirm for real use.
resource "azurerm_private_dns_zone" "dnszone" {
  resource_group_name = data.azurerm_resource_group.rg.name
  name                = "venkattest.com"
}
# Existing subnet that hosts the private endpoint and is allowed by the
# storage network rules.
data "azurerm_subnet" "demosubnet" {
  resource_group_name  = "Network-RG"
  virtual_network_name = "demo-vnet"
  name                 = "demo-subnet"
}

# Existing Key Vault that the storage account identity is granted access to.
data "azurerm_key_vault" "keyvault" {
  resource_group_name = "Network-RG"
  name                = "demo-keyvaulttest"
}
# Names of the containers to create; one azurerm_storage_container per entry.
variable "containername" {
  type        = list(string)
  description = "List of container names to be created in the storage account"
  default     = ["container1", "container2", "container3"]
}
# Storage account for the answer's example: Standard/LRS, TLS 1.2 minimum,
# no anonymous access to nested items, no cross-tenant replication.
resource "azurerm_storage_account" "sa-int" {
  name                = "demostortedhfnttest"
  location            = data.azurerm_resource_group.rg.location
  resource_group_name = data.azurerm_resource_group.rg.name

  account_tier             = "Standard"
  account_replication_type = "LRS"

  # Hardening settings.
  min_tls_version                  = "TLS1_2"
  allow_nested_items_to_be_public  = false
  cross_tenant_replication_enabled = false

  # System-assigned identity, referenced by the Key Vault access policy.
  identity {
    type = "SystemAssigned"
  }

  # Soft delete: deleted blobs and containers are retained for 30 days.
  blob_properties {
    container_delete_retention_policy {
      days = 30
    }
    delete_retention_policy {
      days = 30
    }
  }

  # Queue service logging and metrics, each kept for 10 days.
  # NOTE(review): in azurerm 3.x these appear to be managed over the storage
  # data plane, so the Terraform runner needs network access to the account
  # even after the "Deny" network rules exist - confirm.
  queue_properties {
    logging {
      version               = "1.0"
      read                  = true
      write                 = true
      delete                = true
      retention_policy_days = 10
    }
    hour_metrics {
      version               = "1.0"
      enabled               = true
      include_apis          = true
      retention_policy_days = 10
    }
    minute_metrics {
      version               = "1.0"
      enabled               = true
      include_apis          = true
      retention_policy_days = 10
    }
  }

  timeouts {
    create = "1h"
    update = "30m"
    delete = "30m"
  }
}
# Creates a private container for each name in var.containername.
resource "azurerm_storage_container" "container" {
  count = length(var.containername)

  # Indexing is equivalent to element() here because count.index never
  # reaches length(var.containername).
  name                  = var.containername[count.index]
  container_access_type = "private" # anonymous access disabled
  storage_account_name  = azurerm_storage_account.sa-int.name

  depends_on = [azurerm_storage_account.sa-int]
}
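# Enables read/write/delete logging with 30-day retention on the queue, table
# and blob services through the Azure CLI, once the containers exist.
resource "null_resource" "log" {
  # timestamp() yields a new value on every run, forcing the provisioner to
  # execute again on each apply.
  triggers = {
    always_run = timestamp()
  }

  depends_on = [
    azurerm_storage_container.container
  ]

  provisioner "local-exec" {
    # The account key reaches the CLI via AZURE_STORAGE_KEY rather than the
    # --account-key flag, keeping it off the command line where process
    # listings and CI logs could capture it.
    # Terraform state still stores the key as a storage account attribute, so
    # the state backend must be protected accordingly.
    # NOTE(review): the call is made from the machine running Terraform against
    # the storage data plane; with default_action = "Deny" it presumably needs
    # to originate from an allowed network - confirm.
    command = "az storage logging update --log rwd --retention 30 --services qtb --account-name ${azurerm_storage_account.sa-int.name}"

    environment = {
      AZURE_STORAGE_KEY = azurerm_storage_account.sa-int.primary_access_key
    }
  }
}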
# Private endpoint exposing only the blob sub-resource of the storage account
# inside demo-subnet; created after the logging provisioner has run.
resource "azurerm_private_endpoint" "endpoint" {
  depends_on = [null_resource.log]

  name                = "demostorageendpoint"
  location            = data.azurerm_resource_group.rg.location
  resource_group_name = data.azurerm_resource_group.rg.name
  subnet_id           = data.azurerm_subnet.demosubnet.id

  private_service_connection {
    name                           = "demoserviceconnection"
    private_connection_resource_id = azurerm_storage_account.sa-int.id
    subresource_names              = ["blob"] # queue/table are not covered by this endpoint
    is_manual_connection           = false    # approved automatically
  }

  # Associates the endpoint with the private DNS zone defined in this file.
  private_dns_zone_group {
    name                 = "demodns"
    private_dns_zone_ids = [azurerm_private_dns_zone.dnszone.id]
  }
}
# Second azurerm provider configuration under the alias "globalsub".
# Nothing in this listing selects it: the A record's provider line is
# commented out, so that record is created with the default provider.
provider "azurerm" {
  features {}

  alias = "globalsub"
}
# A record named after the storage account that resolves to the private IP of
# the endpoint's service connection.
# NOTE(review): the endpoint's private_dns_zone_group targets the same zone and
# normally registers this record on its own - confirm the explicit record is
# still needed.
resource "azurerm_private_dns_a_record" "record" {
  #provider = azurerm.sub
  depends_on = [azurerm_private_endpoint.endpoint]

  name                = azurerm_storage_account.sa-int.name
  resource_group_name = data.azurerm_resource_group.rg.name
  zone_name           = azurerm_private_dns_zone.dnszone.name

  ttl     = 10
  records = [azurerm_private_endpoint.endpoint.private_service_connection[0].private_ip_address]
}
# Storage firewall applied at the end of the depends_on chain: everything is
# denied except the listed subnet and trusted Azure services.
# NOTE(review): once this exists, later plan/apply runs from a machine outside
# demo-subnet can presumably no longer read the account's data-plane
# properties - confirm where Terraform runs.
resource "azurerm_storage_account_network_rules" "nwrule" {
  depends_on = [azurerm_private_dns_a_record.record]

  storage_account_id = azurerm_storage_account.sa-int.id

  default_action             = "Deny"
  bypass                     = ["AzureServices"]
  virtual_network_subnet_ids = [data.azurerm_subnet.demosubnet.id]
}
# Access policy giving the storage account's system-assigned identity
# Get/List on keys and Get on secrets in demo-keyvaulttest.
# NOTE(review): the listing does not show what the account reads from the
# vault - confirm that no narrower permission set would do.
resource "azurerm_key_vault_access_policy" "storage" {
  depends_on = [azurerm_storage_account.sa-int]

  key_vault_id = data.azurerm_key_vault.keyvault.id
  tenant_id    = data.azurerm_client_config.current.tenant_id
  object_id    = azurerm_storage_account.sa-int.identity[0].principal_id

  secret_permissions = ["Get"]
  key_permissions    = ["Get", "List"]
}
注意:在您的代码中,存储帐户已附加专用终结点,来自该专用终结点所在 VNet 的流量默认即可访问存储帐户。因此,无需在防火墙(网络规则)部分再次添加同一个 VNet。
执行代码后,所有资源已成功创建,没有任何错误。