使用用于API管理服务及其API的ARM模板进行部署时遇到问题

时间:2019-08-26 23:25:03

标签: azure api azure-devops azure-api-management arm-template

我正在尝试使用ARM模板使用其关联的API部署Azure API管理服务。此处的目标是能够通过其关联的API及其所有设置轻松配置API管理服务的新实例,但能够通过使用参数来更改后端网址。为此,我使用Azure门户导出了模板,并根据需要对其进行了更改,以便能够将后端URL作为参数传递。但是,我遇到了一些问题:

模板部署返回以下错误:

更新:此评论帮助我解决了这个问题。请立即忽略此错误。

16:12:24 - 4:11:50 PM - Resource Microsoft.ApiManagement/service/subscriptions 'testAPITalhaNEW1/master' failed with message '{
16:12:24 -   "error": {
16:12:24 -     "code": "ValidationError",
16:12:24 -     "message": "One or more fields contain incorrect values:",
16:12:24 -     "details": [
16:12:24 -       {
16:12:24 -         "code": "ValidationError",
16:12:24 -         "target": "scope",
16:12:24 -         "message": "Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}'"
16:12:24 -       }
16:12:24 -     ]
16:12:24 -   }
16:12:24 - }'
16:12:24 - 4:11:50 PM - Subscription scope should be one of '/apis', '/apis/{apiId}', '/products/{productId}'
16:12:24 - 4:12:01 PM - Resource Microsoft.ApiManagement/service/groups/users 'testAPITalhaNEW1/administrators/1' failed with message '{
16:12:24 -   "error": {
16:12:24 -     "code": "MethodNotAllowed",
16:12:24 -     "message": "System group membership cannot be changed",
16:12:24 -     "details": null
16:12:24 -   }
16:12:24 - }'
16:12:24 - 4:12:01 PM - Resource Microsoft.ApiManagement/service/groups/users 'testAPITalhaNEW1/developers/1' failed with message '{
16:12:24 -   "error": {
16:12:24 -     "code": "MethodNotAllowed",
16:12:24 -     "message": "System group membership cannot be changed",
16:12:24 -     "details": null
16:12:24 -   }
16:12:24 - }'
16:12:24 - 4:12:01 PM - Resource Microsoft.ApiManagement/service/users 'testAPITalhaNEW1/1' failed with message '{
16:12:24 -   "error": {
16:12:24 -     "code": "MethodNotAllowed",
16:12:24 -     "message": "Cannot modify property for user with built-In role",
16:12:24 -     "details": null
16:12:24 -   }
16:12:24 - }'

最初该行是:

        "scope": "[concat(resourceId('Microsoft.ApiManagement/master', parameters('service_testAPITalha_name')), '/')]",

我改为:

        "scope": "[concat(resourceId('Microsoft.ApiManagement/apis', parameters('service_testAPITalha_name')), '/')]",

这也不能解决问题。

错误:“订阅范围应该是'/ apis','/ apis / {apiId}','/ products / {productId}'之一” 

    {
      "type": "Microsoft.ApiManagement/service/subscriptions",
      "apiVersion": "2019-01-01",
      "name": "[concat(parameters('service_testAPITalha_name'), '/master')]",
      "dependsOn": [
        "[resourceId('Microsoft.ApiManagement/service', parameters('service_testAPITalha_name'))]"
      ],
      //Changed from master to apis
      "properties": {
        "scope": "[concat(resourceId('Microsoft.ApiManagement/apis', parameters('service_testAPITalha_name')), '/')]",
        "displayName": "Built-in all-access subscription",
        "state": "active",
        "primaryKey": "a4a0311b7af34f8fad57cdf8e06723fb",
        "secondaryKey": "3bfb52667eb443a0a430e298b402da03",
        "allowTracing": true
      }
    }

错误:MethodNotAllowed:“无法为具有内置角色的用户修改属性” 

 {
      "type": "Microsoft.ApiManagement/service/users",
      "apiVersion": "2019-01-01",
      "name": "[concat(parameters('service_testAPITalha_name'), '/1')]",
      "dependsOn": [
        "[resourceId('Microsoft.ApiManagement/service', parameters('service_testAPITalha_name'))]"
      ],
      "properties": {
        "firstName": "Administrator",
        "email": "xxx@hotmail.com",
        "state": "active",
        "identities": [
          {
            "provider": "Azure",
            "id": "xxx@hotmail.com"
          }
        ],
        "lastName": "[parameters('users_1_lastName')]"
      }
    }

我取出的电子邮件是Azure帐户在其上注册的主要电子邮件...

如果我删除了这段代码,则会遇到找不到该资源的更多错误,因此我认为我的ARM模板中对此特定代码/资源有依赖性。

这里的最终目标是能够使用ARM模板轻松地从开发到测试再到生产再到生产,并使API Management Service及其API的所有内容保持完整,并且能够更改后端URL。我相信我已经快到了,只要尝试调试此脚本,任何帮助将不胜感激!

2 个答案:

答案 0 :(得分:3)

我遇到了同样的问题,但是已经解决了该问题。 您最有可能基于“导出模板”功能生成了ARM模板?

这将生成两个“默认”订阅和一个默认用户(管理员)。 删除所有三个,您的模板应该运行,没有问题。 始终在没有ARM模板说明的情况下为管理员创建“入门”和“无限”订阅。

因此,使用以下命令删除Microsoft.ApiManagement / service / users部分:

"[concat(parameters('service_testAPITalha_name'), '/1')]"

以及包含以下内容的两个订阅部分:

"ownerId": "[resourceId('Microsoft.ApiManagement/service/users', parameters('service_testAPITalha_name'), '1')]",
"scope": "[resourceId('Microsoft.ApiManagement/service/products', parameters('service_testAPITalha_name'), 'starter')]

和:

"ownerId": "[resourceId('Microsoft.ApiManagement/service/users', parameters('service_testAPITalha_name'), '1')]",
"scope": "[resourceId('Microsoft.ApiManagement/service/products', parameters('service_testAPITalha_name'), 'unlimited')]

答案 1 :(得分:1)

找到了该资源,将对您有所帮助:azure-api-management-devops-resource-kit

尝试

"scope": "[concat(resourceId('Microsoft.ApiManagement/service', parameters('service_testAPITalha_name')), '/apis')]",
相关问题
最新问题