Azure资源管理器模板：如何获取其他ResourceGroup中资源的连接字符串？

Question

我想部署一个AzureKeyVault，其中包含来自另一个资源组的AzureStorageAccount连接字符串。我知道如果AzureKeyVault和AzureStorageAccount位于同一资源组中，您可以执行此操作，如下所示：

"resources": [
    {
      "type": "Microsoft.KeyVault/vaults/secrets",
      "name": "secretName",
      "properties": {
        "value": "[concat('DefaultEndpointsProtocol=https;EndpointSuffix=core.windows.net;AccountName=', 'StorageAccountName', ';AccountKey=', first(listKeys(resourceId('Microsoft.Storage/storageAccounts', 'StorageAccountName'), variables('storageApiVersion')).keys).value)]"
      },
      "dependsOn": []
    },
    {
      "type": "Microsoft.Storage/storageAccounts",
      "name": "StorageAccountName",
      ...
    },
    {
        "type": "Microsoft.KeyVault/vaults",
        "name": "KeyVaultName",
        ...
    }
  ]

我的问题是如何进行更改以从已经部署的其他资源组获取连接字符串？

Answer 1

使用resourceId()函数的内置功能：

resourceId(%different_rg_name%, 'Microsoft.Storage/storageAccounts', 'StorageAccountName')

https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-template-functions-resource#resourceid