Azure RM模板。使用密钥保管库密码部署副本VM

时间:2017-02-13 18:19:11

标签: azure azure-keyvault

我希望通过Key Vault密钥替换密码来自动部署可变数量的VM(通过副本部署)。我想为不同的VM使用不同的秘密(VM1为ex secret1,VM2为secret2)。根据文档,我需要引用动态ID https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-manager-keyvault-parameter#reference-a-secret-with-dynamic-id的秘密 我已经调整了文档示例以利用副本来部署我的VM,但是在每次调用嵌套模板时,我都很难将secretName更改为secretName1,secretName2。我怎么能这样做?

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "vaultName": {
        "type": "string"
      },
      "secretName": {
        "type": "string"
      }
    },
    "resources": [
    {
      "apiVersion": "2015-01-01",
      "name": "[concat('nestedTemplate-', copyIndex())]",
      "type": "Microsoft.Resources/deployments",
      "copy": {
        "name": "nestedTemplateLoop",
        "count": "[parameters('numberOfVMs')]"
      },
      "properties": {
        "mode": "incremental",
        "templateLink": {
          "uri": "https://www.contoso.com/AzureTemplates/newVM.json",
          "contentVersion": "1.0.0.0"
        },
        "parameters": {
          "adminPassword": {
            "reference": {
              "keyVault": {
                "id": "[concat(resourceGroup().id, '/providers/Microsoft.KeyVault/vaults/', parameters('vaultName'))]"
              },
              "secretName": "[parameters('secretName')]"
            }
          }
        }
      }
    }],
    "outputs": {}
}

1 个答案:

答案 0 :(得分:3)

"secretName": [concat(parameters('secretName'), copyIndex())]