我正在为LogicApp开发ARM模板,并希望向AzSk投诉我的ARM模板。
在我的模板中,该组件具有以下必需的对象:
"ipAddressRangeForContents": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "(AzSk required this parameter to be set) IPv4 or IPv6 address range, this will restrict content IP range. This array should have object as a member with following key 'addressRange'. You can specify as many subnets as you want"
}
},
"ipAddressRangeForInbound": {
"type": "array",
"defaultValue": [],
"metadata": {
"description": "(AzSk required this parameter to be set) IPv4 or IPv6 address range, this will restrict inbound IP range. This array should have object as a member with following key 'addressRange'. You can specify as many subnets as you want. Default value is empty array which will restric access to 'Only other Logic Apps'."
}
这是参数文件中同一部分的示例:
"ipAddressRangeForContents": {
"value": [
{
"addressRange": "10.123.0.0/24"
},
{
"addressRange": "10.124.0.0/24"
}
]
},
"ipAddressRangeForInbound": {
"value": [
{
"addressRange": "10.135.0.0/24"
},
{
"addressRange": "10.136.0.0/24"
}
]
}
之所以采用这种方式,是因为用户可以灵活地指定所需的地址范围。
如果我扫描我的ARM模板,AzSk返回一个错误:
Starting analysis: [FileName: .\logicapp.json]
--------------------------------------------------------------------------------
Failed: [Azure_LogicApps_AuthZ_Provide_Triggers_Access_Control]
Failed: [Azure_LogicApps_AuthZ_Provide_Contents_Access_Control]
--------------------------------------------------------------------------------
Summary Total Failed
------- ----- ------
High 2 2
------ ------ ------
Total 2 2
------ ------ ------
即使我的模板具有这些参数。
失败的原因无法在ARM模板中找到属性addressRange:
ExpectedProperty
$.properties.accessControl.triggers.allowedCallerIpAddresses.addressRange
$.properties.accessControl.contents.allowedCallerIpAddresses.addressRange
我可以通过将模板硬编码为以下内容来修复它:
"properties": {
"accessControl": {
"contents": {
"allowedCallerIpAddresses": {
"addressRange": "[variables('some_range')]"
}
但这会使其功能降低,因为在部署阶段它只能接受一个addressRange。
有没有办法使模板投诉同时灵活?
先谢谢您!