如何在嵌套的ARM模板中链接资源?

时间:2020-09-09 14:43:04

标签: azure azure-resource-manager arm-template

我正在尝试编写一个ARM模板,以创建一个资源组和一个带有网络安全组的虚拟网络(最终,我也希望在其中具有网络接口,公用IP和VM)。我不知道如何将新创建的Network Security组链接到虚拟网络。

到目前为止,这是我的模板。 df["toys"].unique() dependsOn链接均无效。

subnets.properties.id

我收到此错误。

{
  "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "name": {
      "type": "string"
    }
  },
  "variables": {
    "uniqueID": "[uniqueString(subscription().subscriptionId)]",
    "resourceGroupName": "[concat(parameters('name'), '-RG-', variables('uniqueID'))]",
    "nestedDeploymentName": "[concat(parameters('name'), '-NDEPL-', variables('uniqueID'))]",
    "subnetName": "[concat(parameters('name'),'-SUBNET-', variables('uniqueID'))]",
    "virtualNetworkName": "[concat(parameters('name'),'-VNET-', variables('uniqueID'))]",
    "networkSecurityGroupName": "[concat(parameters('name'),'-NSG-', variables('uniqueID'))]"
  },

  "resources": [
    {
      "type": "Microsoft.Resources/resourceGroups",
      "name": "[variables('resourceGroupName')]",
      "apiVersion": "2019-10-01",
      "location": "westeurope",
      "tags": {
        // TODO add some tags for easier monitoring
      }
    },
    {
      "type": "Microsoft.Resources/deployments",
      "name": "[variables('nestedDeploymentName')]",
      "apiVersion": "2019-10-01",
      "resourceGroup": "[variables('resourceGroupName')]",
      "dependsOn": [
        "[resourceId('Microsoft.Resources/resourceGroups',variables('resourceGroupName'))]"
      ],
      "properties": {
        "expressionEvaluationOptions": {
          "scope": "outer"
        },
        "mode": "Incremental",
        "template": {
          "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
          "contentVersion": "1.0.0.0",
          "resources": [
            {
              "type": "Microsoft.Network/networkSecurityGroups",
              "apiVersion": "2020-05-01",
              "name": "[variables('networkSecurityGroupName')]",
              "location": "westeurope",
              "properties": {
                "securityRules": [
                  {
                    "name": "SSH",
                    "properties": {
                      "protocol": "TCP",
                      "sourcePortRange": "*",
                      "destinationPortRange": "22",
                      "sourceAddressPrefix": "*",
                      "destinationAddressPrefix": "*",
                      "access": "Allow",
                      "priority": 300,
                      "direction": "Inbound"
                    }
                  }
                ]
              }
            },
            {
              "type": "Microsoft.Network/virtualNetworks",
              "apiVersion": "2020-05-01",
              "name": "[variables('virtualNetworkName')]",
              "location": "westeurope",
              "dependsOn": [
                "[resourceId(subscription().subscriptionId, variables('resourceGroupName'),'Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]"
              ],
              "properties": {
                "addressSpace": {
                  "addressPrefixes": ["10.1.1.0/24"]
                },
                "subnets": [
                  {
                    "name": "[variables('subnetName')]",
                    "properties": {
                      "addressPrefix": "10.1.1.0/24",
                      "networkSecurityGroup": {
                        "id": "[resourceId('Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]"
                      }
                    }
                  }
                ]
              }
            }
          ]
        }
      }
    }
  ]
}

谢谢

2 个答案:

答案 0 :(得分:0)

您对订阅ID产生了误解。引号struct Home: View { @State var appearCount = 0 var body : some View { VStack { if (appearCount > 0) { //this code is added just for re draw view. when appearCount is changed } NavigationLink(destination : SliderView()){ Text("\(self.myData.lastText)").bold() } }.onAppear { appearCount += 1 } } } 仅给您唯一的ID,而不是资源ID。因此,您需要在subscription().subscriptionId中为VNet进行如下更改:

dependsOn

看看Get Subscription Id in ARM Template。也许您还需要在子网属性中添加NSG资源ID的组名,如下所示:

"[resourceId(subscription().id, variables('resourceGroupName'),'Microsoft.Network/networkSecurityGroups/', variables('networkSecurityGroupName'))]"

或者在两个地方使用相同的一个。

答案 1 :(得分:0)

我最终通过切换找到了解决方案:

"expressionEvaluationOptions": {
          "scope": "inner"
        },

,并将原始参数和我生成的uniqueID作为参数传递到嵌套模板中。将范围设置为inner后,我可以使用resourceId()的简单变体将资源在嵌套模板中链接在一起。

{
              "type": "Microsoft.Network/networkInterfaces",
              "apiVersion": "2020-05-01",
              "name": "[variables('networkInterfaceName')]",
              "location": "[parameters('location')]",
              "dependsOn": [
                "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]",
                "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroupName'))]"
              ],
              "properties": {
                "ipConfigurations": [
                  {
                    "name": "ipconfig1",
                    "properties": {
                      "privateIPAllocationMethod": "Dynamic",
                      "publicIPAddress": {
                        "id": "[resourceId('Microsoft.Network/publicIPAddresses', variables('publicIPAddressName'))]"
                      },
                      "subnet": {
                        "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]"
                      }
                    }
                  }
                ]
              }
            },```
相关问题
最新问题