VMSS的Keyvault扩展

时间:2019-03-25 17:51:36

标签: arm azure-keyvault azure-vm-scale-set

我找到了本文档https://devblogs.microsoft.com/aspnet/announcing-an-easier-way-to-use-latest-certificates-from-key-vault/和其他一些ARM参考资料,旨在为VMSS添加Keyvault扩展,​​以实现证书自动旋转。但是,当我尝试进行部署时,扩展只是超时而没有给出任何有用的错误消息。为了使此工作有效,存在任何约束,例如,密钥库和VMSS必须位于同一资源组上?有谁知道我的模板可能出了什么问题。

这是我的扩展名:

{ 
   "name": "KeyVaultForWindows", 
   "location": "[variables('location')]", 
   "properties": { "publisher": "Microsoft.Azure.KeyVault", 
   "type": "KeyVaultForWindows", "typeHandlerVersion": "0.0", 
   "autoUpgradeMinorVersion": true, 
   "settings": 
   { 
      "secretsManagementSettings": { 
          "pollingIntervalInS": "60", 
          "requireInitialSync": true, 
          "certificateStoreName": "MY", 
          "certificateStoreLocation": "LocalMachine", 
          "observedCertificates": ["https:///secrets/"] }
       } 
    }
}```

0 个答案:

没有答案