部署ARM模板时出现内部服务器错误

时间:2018-11-09 18:25:20

标签: azure-resource-manager

我正在部署一个包含以下资源的手臂模板

Microsoft.Storage/storageAccount
Microsoft.Sql/servers
Microsoft.Sql/servers/auditPolicies

现在一切正常,直到我开始更改auditPolicies对象的值为止。这是在InternalServerError发生之前我采取的步骤。

  1. 添加了auditState属性,并将其值设置为Disabled。部署成功。
  2. auditState属性更改为Enabled。部署失败。错误指出storageAccountName是必需的。
  3. 添加了storageAccountName并将其值设置为存储帐户的名称。部署失败。错误指出storageAccountKey
  4. 添加了storageAccountKey并将其值设置为存储帐户的key1对象的keys。部署失败。内部服务器错误-“保存审核设置时发生错误,请稍后重试”。此外,这些错误会导致部署无限期地运行。尽管我并不担心这方面。

以下是完整的模板。

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",

  "parameters": {
    "app-name-prefix": {
      "type": "string",
      "minLength": 1
    },
    "app-locations": {
      "type": "array",
      "minLength": 1
    },
    "app-friendly-names": {
      "type": "array",
      "minLength": 1
    },
    "db-user-admin-username": {
      "type": "securestring"
    },
    "db-user-admin-password": {
      "type": "securestring"
    },
    "database-audit-enabled": {
      "defaultValue": "Enabled",
      "allowedValues": [
        "Enabled",
        "Disabled"
      ],
      "type": "string"
    },
    "storage-kind": {
      "defaultValue": "BlobStorage",
      "allowedValues": [
        "StorageV2",
        "BlobStorage"
      ],
      "type": "string"
    },
    "storage-sku": {
      "defaultValue": "Standard_LRS",
      "allowedValues": [
        "Standard_LRS",
        "Standard_ZRS",
        "Standard_GRS",
        "Standard_RAGRS",
        "Premium_LRS"
      ],
      "type": "string"
    }
  },
  "variables": {
    "db-service-name": "[concat(parameters('app-name-prefix'), '-database-service-')]",
    "storage-name": "[concat(toLower(parameters('app-name-prefix')), 'auditstorage')]"
  },
  "resources": [
    {
      "name": "[concat(variables('storage-name'), parameters('app-friendly-names')[copyIndex()])]",
      "type": "Microsoft.Storage/storageAccounts",
      "sku": {
        "name": "[parameters('storage-sku')]"
      },
      "kind": "[parameters('storage-kind')]",
      "apiVersion": "2018-02-01",
      "location": "[parameters('app-locations')[copyIndex()]]",
      "copy": {
        "count": "[length(parameters('app-locations'))]",
        "name": "storageCopy"
      },
      "properties": {
        "supportsHttpsTrafficOnly": true,
        "accessTier": "Hot",
        "encryption": {
          "services": {
            "blob": {
              "enabled": true
            },
            "file": {
              "enabled": true
            }
          },
          "keySource": "Microsoft.Storage"
        }
      }
    },
    {
      "type": "Microsoft.Sql/servers",
      "name": "[concat(variables('db-service-name'), parameters('app-friendly-names')[copyIndex()])]",
      "apiVersion": "2014-04-01",
      "location": "[parameters('app-locations')[copyIndex()]]",
      "copy": {
        "name": "databaseServiceCopy",
        "count": "[length(parameters('app-locations'))]"
      },
      "properties": {
        "administratorLogin": "[parameters('db-user-admin-username')]",
        "administratorLoginPassword": "[parameters('db-user-admin-password')]",
        "version": "12.0"
      },
      "resources": [
        {
          "type": "auditingPolicies",
          "name": "Default",
          "apiVersion": "2014-04-01",
          "location": "[parameters('app-locations')[copyIndex()]]",
          "properties": {
            "auditingState": "[parameters('database-audit-enabled')]",
            "storageAccountName": "[concat(variables('storage-name'), parameters('app-friendly-names')[copyIndex()])]",
            "storageAccountKey": "[listKeys(concat(variables('storage-name'), parameters('app-friendly-names')[copyIndex()]), '2018-02-01').keys[0].value]"
          },
          "dependsOn": [
            "[resourceId('Microsoft.Sql/servers', concat(variables('db-service-name'), parameters('app-friendly-names')[copyIndex()]))]",
            "storageCopy"
          ]
        }
      ]
    }
  ]
}

我缺少什么可以帮助解决此问题?我该怎么做才能阻止此内部服务器错误?

我已经按照@Pete的要求添加了完整的模板

1 个答案:

答案 0 :(得分:0)

在与Azure支持联系后,我找到了答案。

不再支持资源类型:Microsoft.Sql/servers/auditingPolicies,并且在接下来的几周内,Azure资源管理器将不再完全支持此资源。

此资源类型直接涉及表审核,据报告,表审核已不推荐用于Blob审核。尽管此时文档没有直接报告。文档将在所有者发布后的几天内进行更新。

要启用审核,您需要使用Microsoft.Sql/servers/auditingSettings对象。有关此内容的文档将陆续到来,直到您找到该资源类型Microsoft.Sql/servers/databases/auditingSettings的数据库版本的文档为止。

审核设置的工作方式与自动调整顾问程序非常相似。您可以设置服务器或数据库级别的设置。如果尚未直接配置数据库,则服务器设置将由数据库继承。

这是我使用的auditingSettings对象的示例,而不是上面的auditingPolicies对象的示例。它的嵌套方式完全相同。

{
  "apiVersion": "2017-03-01-preview",
  "type": "auditingSettings",
  "name": "DefaultAuditingSettings",
  "dependsOn": [
    "[resourceId('Microsoft.Sql/servers', concat(variables('db-service-name'), parameters('app-friendly-names')[copyIndex()]))]",
    "storageCopy"
  ],
  "properties": {
    "state": "Enabled",
    "storageEndpoint": "[reference(concat('Microsoft.Storage/storageAccounts', '/', variables('storage-name'), parameters('app-friendly-names')[copyIndex()]), '2018-02-01').primaryEndpoints.blob]",
    "storageAccountAccessKey": "[listKeys(concat(variables('storage-name'), parameters('app-friendly-names')[copyIndex()]), '2018-02-01').keys[0].value]",
    "storageAccountSubscriptionId": "[subscription().subscriptionId]",
    "isStorageSecondaryKeyInUse": false,
    "retentionDays": "30"
  }
}
相关问题
最新问题