在ARM模板部署中,我需要在SQL Server上为同一模板中定义的Azure App Service的出站IP地址添加防火墙例外:
{
"name": "[concat(variables('sqlServerName'),'/azureFireWallRule',copyIndex())]",
"type": "Microsoft.Sql/servers/firewallRules",
"apiVersion": "2014-04-01",
"properties": {
"startIpAddress": "[split(reference(variables('appServiceRef')).possibleOutboundIpAddresses,',')[copyIndex()]]",
"endIpAddress": "[split(reference(variables('appServiceRef')).possibleOutboundIpAddresses,',')[copyIndex()]]"
},
"copy": {
"name": "[concat(variables('sqlServerName'),'azureFireWallRule')]",
"count": "[length(split(reference(variables('appServiceRef')).possibleOutboundIpAddresses,','))]"
},
"dependsOn": [
"[variables('sqlServerRef')]",
"[variables('appServiceRef')]"
]
}
但是不允许在copy.count中使用reference()函数。
我试图解决这个问题(不是没有运气):
Ofc,问题可以通过2次连续部署来解决。但有没有办法在单个ARM模板方面实现这一点?
答案 0 :(得分:0)
您可以在单个模板中执行此操作,但不是单个部署。由于possibleOutboundIpAddresses是可变的,因此您需要部署Web应用程序,然后启动嵌套部署并输出数组。这种嵌套部署可以是内联模板,它不需要是一个单独的文件,因为您只是输出一个值,模板可以非常简单。 (一个参数一个输出)。
那有帮助吗?
答案 1 :(得分:0)
据我所知,这是不可能的。
原因是在部署发生之前扩展了循环,所以这里不允许动态。
答案 2 :(得分:0)
"providerSpecificDetails": {
"instanceType": "A2A",
"fabricObjectId": "[concat('/subscriptions/',subscription().subscriptionId, '/resourceGroups/', parameters('gcAppEnv').drDetails.gcAppSourceRG,'/providers/Microsoft.Compute/virtualMachines/', variables('vmNames').vmbuild[copyIndex()].MacName)]",
"recoveryContainerId": "[variables('targetContainerResourceId')]",
"recoveryResourceGroupId": "[parameters('gcAppEnv').drDetails.gcAppTargetRGId]",
"copy": [
{
"name": "vmManagedDisks",
"count": "[add(1, length(parameters('vmList')[copyIndex()].datadisks))]",
"input": {
"**diskId**": "[if(equals(copyIndex('vmManagedDisks'), 0), reference(concat('/subscriptions/',subscription().subscriptionId,'/resourceGroups/',parameters('gcAppEnv').drDetails.gcAppSourceRG, '/providers/Microsoft.Compute/virtualMachines/',variables('vmNames').vmbuild[copyIndex()].MacName), '2019-03-01').storageprofile.osDisk.managedDisk.id, reference(concat('/subscriptions/',subscription().subscriptionId,'/resourceGroups/',parameters('gcAppEnv').drDetails.gcAppSourceRG, '/providers/Microsoft.Compute/virtualMachines/', variables('vmNames').vmbuild[copyIndex()].MacName), '2019-03-01').storageprofile.dataDisks[sub(copyIndex('vmManagedDisks'),1)].managedDisk.id)]",
"diskType": "[if(equals(copyIndex('vmManagedDisks'), 0), 'OperatingSystem', 'Data')]",
"recoveryReplicaDiskAccountType": "[if(equals(copyIndex('vmManagedDisks'), 0), parameters('vmList')[copyIndex()].osDiskType, parameters('vmList')[copyIndex()].datadisks[sub(copyIndex('vmManagedDisks'), 1)].diskType)]",
"recoveryTargetDiskAccountType": "[if(equals(copyIndex('vmManagedDisks'), 0), parameters('vmList')[copyIndex()].osDiskType, parameters('vmList')[copyIndex()].datadisks[sub(copyIndex('vmManagedDisks'), 1)].diskType)]",
"primaryStagingAzureStorageAccountId": "[concat('/subscriptions/',subscription().subscriptionId,'/resourceGroups/',parameters('gcAppEnv').drDetails.gcAppSourceRG,'/providers/Microsoft.Storage/storageAccounts/', parameters('storageAccountNasaObject').storageAccounts_name)]",
"diskEncryptionInfo": null,
"recoveryResourceGroupId": "[parameters('gcAppEnv').drDetails.gcAppTargetRGId]"
}
}
],
"selectedRecoveryAzureNetworkId": "[concat('/subscriptions/',subscription().subscriptionId,'/resourceGroups/',parameters('recoveryServicesVaultObject').targetNetworkRG,'/providers/Microsoft.Network/virtualNetworks/',parameters('recoveryServicesVaultObject').targetVNetName)]",
"recoveryAvailabilityZone": "[if(equals(mod(copyIndex('vmProtectedItemsLoop'),3), 0), '3', if(equals(mod(copyIndex('vmProtectedItemsLoop'), 2), 0),'2','1'))]",
"recoveryAzureNetworkId": "[concat('/subscriptions/',subscription().subscriptionId,'/resourceGroups/',parameters('recoveryServicesVaultObject').targetNetworkRG,'/providers/Microsoft.Network/virtualNetworks/',parameters('recoveryServicesVaultObject').targetVNetName)]",
"recoverySubnetName": "[if(equals(variables('vmNames').vmbuild[copyIndex()].VmTier, 'Web'),parameters('gcSubscriptions').DRSubnets.Web, parameters('gcSubscriptions').DRSubnets.App)]"
}
我已经尝试过将这些代码用于复制品。可以。