通过 ARM 模板对应用服务使用 Key Vault 引用
Use Key Vault references for App Service via ARM template
我正在使用 Key Vault 引用通过 ARM 模板在 App Service 的应用程序设置中设置来自 Key Vault 的机密,如下所示:
{
"variables": {
"secretA": "secretA",
"secretB": "secretB"
},
"resources": [
{
"apiVersion": "",
"type": "Microsoft.Web/sites",
"name": "",
"location": "",
"kind": "",
"properties": {
"serverFarmId": "",
"clientAffinityEnabled": false,
"siteConfig": {},
"httpsOnly": true
},
"identity": {
"type": "SystemAssigned"
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "appsettings",
"type": "config",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('name'))]",
"[resourceId('Microsoft.KeyVault/vaults/', parameters('keyVaultName'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretA'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretB'))]"
],
"properties": {
"secretA": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretA')).secretUriWithVersion, ')')]",
"secretB": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretB')).secretUriWithVersion, ')')]"
}
}
]
}
]
}
使用上面的代码,我看到以下错误:
##[error]InvalidTemplate:部署模板验证失败:“模板引用 'secretA' 无效:找不到具有此名称的模板资源或资源副本。”
如果您想引用现有资源,您需要提供 API 版本:
reference(variables('secretA'), '2019-09-01').secretUriWithVersion
您可以获得 api 个具有以下内容的版本:
( Get-AzResourceProvider -ProviderNamespace 'Microsoft.KeyVault' ).ResourceTypes | ft ResourceTypeName, ApiVersions
我正在使用 Key Vault 引用通过 ARM 模板在 App Service 的应用程序设置中设置来自 Key Vault 的机密,如下所示:
{
"variables": {
"secretA": "secretA",
"secretB": "secretB"
},
"resources": [
{
"apiVersion": "",
"type": "Microsoft.Web/sites",
"name": "",
"location": "",
"kind": "",
"properties": {
"serverFarmId": "",
"clientAffinityEnabled": false,
"siteConfig": {},
"httpsOnly": true
},
"identity": {
"type": "SystemAssigned"
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "appsettings",
"type": "config",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('name'))]",
"[resourceId('Microsoft.KeyVault/vaults/', parameters('keyVaultName'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretA'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretB'))]"
],
"properties": {
"secretA": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretA')).secretUriWithVersion, ')')]",
"secretB": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretB')).secretUriWithVersion, ')')]"
}
}
]
}
]
}
使用上面的代码,我看到以下错误:
##[error]InvalidTemplate:部署模板验证失败:“模板引用 'secretA' 无效:找不到具有此名称的模板资源或资源副本。”
如果您想引用现有资源,您需要提供 API 版本:
reference(variables('secretA'), '2019-09-01').secretUriWithVersion
您可以获得 api 个具有以下内容的版本:
( Get-AzResourceProvider -ProviderNamespace 'Microsoft.KeyVault' ).ResourceTypes | ft ResourceTypeName, ApiVersions