Question

我有一个ARM模板，可以在现有的AppPlan中创建一个新的App Service，还可以使用一个新的KeyVault来访问App Service的身份。我还想将现有的VNET /子网添加到App Service，但是我没有任何运气。我的脚本运行，但是VNET / Subnet没有绑定到App Service。感谢您的帮助。

{
  "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "subscriptionId": {
      "type": "string"
    },
    "name": {
      "type": "string"
    },
    "keyVaultUserObjectId": {
      "type": "string",
      "defaultValue": "XXXXXXXXXXXXXXXXXXXXXX",
      "metadata": {
        "description": "ObjectID for user to get full rights to keyvault. Default is Henry's I account"
      }
    },
    "hostingEnvironment": {
      "type": "string"
    },
    "Division": {
      "type": "string"
    },
    "OwnerName": {
      "type": "string",
      "defaultValue": "aValue",
      "metadata": {
        "description": "Used to distinquish who in is responsible for the resource"
      }
    },
    "hostingPlanName": {
      "type": "string",
      "defaultValue": "hostingPlanName",
      "metadata": {
        "description": "Appservice Plan. Default = . Must supply one for Prod"
      }
    },
    "environmentName": {
      "type": "string",
      "defaultValue": "uat",
      "allowedValues": [ "uat", "qa", "prod" ],
      "metadata": {
        "description": "What environment will this run in"
      }
    },
    //try to collapse this based on environment name
    "environmentType": {
      "type": "string",
      "defaultValue": "nonProd",
      "allowedValues": [ "nonProd", "prod" ],
      "metadata": {
        "description": "What type environment will this run in"
      }
    }
  },
  "variables": {
    "suffix": "[uniqueString(resourceGroup().id,resourceGroup().location)]",
    "environmentBasedValues": {
      "nonProd": {
        "fullDeployedName": "[tolower(substring(concat(parameters('name'),'-',substring(parameters('environmentName'),0,1),'-',variables('suffix')),0,24))]",
        "keyVaultDeployedName": "[tolower(substring(concat(parameters('name'),'-',substring(parameters('environmentName'),0,1),'-',variables('suffix')),0,24))]",
        "hostingPlanDeployedName": "[parameters('hostingPlanName')]", 
        "serverFarmResourceGroupDeployedName": "[resourceGroup().name]" 
      },
      "prod": {
        "fullDeployedName": "[tolower(substring(concat(parameters('name'),'-',variables('suffix')),0,24))]",
        "keyVaultDeployedName": "[tolower(substring(concat(parameters('name'),'-',variables('suffix')),0,24))]",
        "hostingPlanDeployedName": "[parameters('hostingPlanName')]", 
        "serverFarmResourceGroupDeployedName": "[resourceGroup().name]"
      }
    },
    "Agency": "AGENCY",
    "OwnerName": "[parameters('OwnerName')]",
    "alwaysOn": true,
    "currentStack": "dotnetcore",
    "phpVersion": "OFF",
    "errorLink": "[concat('https://',variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName,'.scm.azurewebsites.net/detectors?type=tools&name=eventviewer')]"
  },
  "resources": [
    {
      "apiVersion": "2016-08-01",
      "name": "[variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName]",
      "type": "Microsoft.Web/sites",
      //"location": "[parameters('location')]",
      "location": "[resourceGroup().location]",
      "tags": {
        "Agency": "[variables('agency')]",
        "OwnerName": "[variables('OwnerName')]",
        "Application": "[parameters('name')]",
        "Division": "[parameters('Division')]",
        "Environment": "[parameters('environmentName')]"
      },
      "identity": {
        "type": "SystemAssigned"
      },
      "dependsOn": [],

      "properties": {
        "name": "[variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName]",
        "siteConfig": {
          "appSettings": [
            {
              "name": "ANCM_ADDITIONAL_ERROR_PAGE_LINK",
              "value": "[variables('errorLink')]"
            },
            {
              "name": "ASPNETCORE_ENVIRONMENT",
              "value": "[parameters('environmentName')]"
            }
          ],
          "metadata": [
            {
              "name": "CURRENT_STACK",
              "value": "[variables('currentStack')]"
            }
          ],
          "phpVersion": "[variables('phpVersion')]",
          "alwaysOn": "[variables('alwaysOn')]"
        },
        "serverFarmId": "[concat('/subscriptions/', parameters('subscriptionId'),'/resourcegroups/', variables('environmentBasedValues')[parameters('environmentType')].serverFarmResourceGroupDeployedName, '/providers/Microsoft.Web/serverfarms/', variables('environmentBasedValues')[parameters('environmentType')].hostingPlanDeployedName)]",
        "hostingEnvironment": "[parameters('hostingEnvironment')]",
        "clientAffinityEnabled": true
      },
      "resources": [
        {
          "apiVersion": "2018-02-01",
          "location": "[resourceGroup().location]",
          "name": "virtualNetwork",
          "properties": {
            "subnetResourceId": "[resourceId('NetworkRG','Microsoft.Network/virtualNetworks/Subnets/','VNETNAME' ,'SUBNETNAME')]",
            "swiftSupported": true
          },
          "type": "config",
          "dependsOn": [

            "[concat('Microsoft.Web/sites/', variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName)]"
           // "[concat(resourceId('NetworkRG','Microsoft.Network/virtualNetworks','PrimaryVNet'))]"
          ]
        }
      ]
    },
    {
      "apiVersion": "2016-10-01",
      "location": "[resourceGroup().location]",
      "name": "[variables('environmentBasedValues')[parameters('environmentType')].keyVaultDeployedName]",
      "type": "Microsoft.KeyVault/vaults",
      "tags": {
        "Agency": "[variables('agency')]",
        "OwnerName": "[variables('OwnerName')]",
        "Application": "[parameters('name')]",
        "Division": "[parameters('Division')]",
        "Environment": "[parameters('environmentName')]"
      },
      "properties": {
        "sku": {
          "family": "A",
          "name": "Standard"
        },
        "tenantId": "[subscription().tenantId]",
        "accessPolicies": [
          {
            "tenantId": "[subscription().tenantId]",
            "objectId": "[reference(resourceId('Microsoft.Web/sites', variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName),'2018-11-01','Full').identity.principalId]",
            "permissions": {
              "keys": [],
              "secrets": [ "get","list" ],
              "certificates": []
            }
          },
          {
            "tenantId": "[subscription().tenantId]",
            "objectId": "[parameters('keyVaultUserObjectId')]", 
            "permissions": {
              "keys": [ "all" ],
              "secrets": [ "all" ],
              "certificates": [ "all" ]
            }
          }
        ]
      }
    }
  ],
  "outputs": {
    "resourceGroupName": {
      "type": "string",
      "value": "[resourceGroup().name]"
    },
    "mykeyVaultUserObjectId": {
      "type": "string",
      "value": "[parameters('keyVaultUserObjectId')]"
    },
    "myAppIdentity": {
      "type": "string",
      "value": "[reference(resourceId('Microsoft.Web/sites', variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName),'2018-11-01','Full').identity.principalId]"
    },
    "myFullDeployedName": {
      "type": "string",
      "value": "[variables('environmentBasedValues')[parameters('environmentType')].fullDeployedName]"
    },
    "myEnvironmentType": {
      "type": "string",
      "value": "[parameters('environmentType')]"
    },
    "myVnetID": {
      "type": "string",
      "value": "[concat(resourceId('NetworkRG','Microsoft.Network/virtualNetworks','VNETNAME'))]"
    },
    "mySubnetID": {
      "type": "string",
      "value": "[concat(resourceId('NetworkRG','Microsoft.Network/virtualNetworks', 'VNETNAME'), '/subnets/SUBNETNAME')]"
    }

  }
}

Answer 1

看起来上面的模板确实起作用。我再次运行它，并检查该站点和VNET /子网是否正确配置。我不知道我以前是在看缓存版本还是在错误的实例上，但这是可以的。感谢您的帮助！

用于与现有VNET子网集成的Appservice的ARM模板

1 个答案: