在 Azure KeyVault 的 ARM 模板中添加 virtualNetworkRules
Add virtualNetworkRules in ARM template for Azure KeyVault
我想在 ARM 模板中添加 virtualNetworkRules。但不幸的是,它无法获取参数并激活防火墙和虚拟网络设置。
我使用以下脚本创建了一个 ARM 模板:
https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2018-02-14/vaults#IPRule
{
"type": "Microsoft.KeyVault/vaults",
"name": "[parameters('keyVaultName')]",
"apiVersion": "2018-02-14",
"location": "[parameters('location')]",
"properties": {
"firewallState": "Enabled",
"enabledForDeployment": "[parameters('enabledForDeployment')]",
"enabledForDiskEncryption": "[parameters('enabledForDiskEncryption')]",
"enabledForTemplateDeployment": "[parameters('enabledForTemplateDeployment')]",
"tenantId": "[parameters('tenantId')]",
"accessPolicies": [
{
"objectId": "[parameters('objectId')]",
"tenantId": "[parameters('tenantId')]",
"permissions": {
"keys": "[parameters('keysPermissions')]",
"secrets": "[parameters('secretsPermissions')]"
}
}
],
"sku": {
"name": "[parameters('skuName')]",
"family": "A"
},
"networkAcls": {
"bypass": "AzureServices",
"ipRules": [
{
"value": "xxxx"
}
],
"virtualNetworkRules": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet1Name'))]"
}
]
}
}
}
]
ARM 脚本中的 networkAcls 部分根本不起作用。它不会激活防火墙和虚拟网络设置。
问题是由于缺少其中一个属性,添加后它起作用了:
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Deny"
"ipRules": [
{
"value": "xxxx"
}
],
"virtualNetworkRules": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet1Name'))]"
}
]
}
我想在 ARM 模板中添加 virtualNetworkRules。但不幸的是,它无法获取参数并激活防火墙和虚拟网络设置。
我使用以下脚本创建了一个 ARM 模板: https://docs.microsoft.com/en-us/azure/templates/microsoft.keyvault/2018-02-14/vaults#IPRule
{
"type": "Microsoft.KeyVault/vaults",
"name": "[parameters('keyVaultName')]",
"apiVersion": "2018-02-14",
"location": "[parameters('location')]",
"properties": {
"firewallState": "Enabled",
"enabledForDeployment": "[parameters('enabledForDeployment')]",
"enabledForDiskEncryption": "[parameters('enabledForDiskEncryption')]",
"enabledForTemplateDeployment": "[parameters('enabledForTemplateDeployment')]",
"tenantId": "[parameters('tenantId')]",
"accessPolicies": [
{
"objectId": "[parameters('objectId')]",
"tenantId": "[parameters('tenantId')]",
"permissions": {
"keys": "[parameters('keysPermissions')]",
"secrets": "[parameters('secretsPermissions')]"
}
}
],
"sku": {
"name": "[parameters('skuName')]",
"family": "A"
},
"networkAcls": {
"bypass": "AzureServices",
"ipRules": [
{
"value": "xxxx"
}
],
"virtualNetworkRules": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet1Name'))]"
}
]
}
}
}
]
ARM 脚本中的 networkAcls 部分根本不起作用。它不会激活防火墙和虚拟网络设置。
问题是由于缺少其中一个属性,添加后它起作用了:
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Deny"
"ipRules": [
{
"value": "xxxx"
}
],
"virtualNetworkRules": [
{
"id": "[resourceId('Microsoft.Network/virtualNetworks/subnets', parameters('vnetName'), parameters('subnet1Name'))]"
}
]
}