ARM 获取 ASB ConnectionString 到 Key Vault
ARM Get ASB ConnectionString into Key Vault
我正在尝试从服务总线命名空间获取连接字符串并通过 ARM 将其注入密钥库。主要有:
- KeyVault 位于
ResourceGroup1
- ASB 命名空间位于
ResourceGroup2
我正在尝试使用 ARM 获取主连接字符串并使用以下方法将其添加到密钥保管库:
{
"name": "[concat(parameters('keyVaultName'), '/MyListenConnectionString')]",
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2016-10-01",
"location": "[resourceGroup().location]",
"properties": {
"value": "[listKeys(resourceId('Microsoft.ServiceBus/namespaces/AuthorizationRules','sb-namespace','listen-key'),'2015-08-01').primaryConnectionString]"
},
"dependsOn": [
"[parameters('keyVaultName')]"
]
}
好像不太喜欢这个。我是否必须做一些特别的事情,因为这两个资源位于不同的资源组下?
我得到的错误:
##vso[task.issue type=error;]ParentResourceNotFound: Can not perform requested operation on nested resource. Parent resource 'sb-namespace' not found.
我假设是因为他们生活在两个不同的资源组中?
由于您的服务总线命名空间和 Azure Key Vault 位于不同的资源组中,因此您需要定义如下函数。详情请参考here.
listKeys(resourceId('<group name>','Microsoft.ServiceBus/namespaces/AuthorizationRules','sb-namespace','listen-key'),'2015-08-01').primaryConnectionString
例如
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
...
},
"resources": [
...
],
"outputs": {
"proxyKey": {
"type": "string",
"value": "[listKeys(resourceId('0730BowmanWindow','Microsoft.ServiceBus/namespaces/AuthorizationRules',parameters('sbName'),parameters('ruleName')'),'2015-08-01').primaryConnectionString]"
}
}
}
我正在尝试从服务总线命名空间获取连接字符串并通过 ARM 将其注入密钥库。主要有:
- KeyVault 位于
ResourceGroup1 - ASB 命名空间位于
ResourceGroup2
我正在尝试使用 ARM 获取主连接字符串并使用以下方法将其添加到密钥保管库:
{
"name": "[concat(parameters('keyVaultName'), '/MyListenConnectionString')]",
"type": "Microsoft.KeyVault/vaults/secrets",
"apiVersion": "2016-10-01",
"location": "[resourceGroup().location]",
"properties": {
"value": "[listKeys(resourceId('Microsoft.ServiceBus/namespaces/AuthorizationRules','sb-namespace','listen-key'),'2015-08-01').primaryConnectionString]"
},
"dependsOn": [
"[parameters('keyVaultName')]"
]
}
好像不太喜欢这个。我是否必须做一些特别的事情,因为这两个资源位于不同的资源组下?
我得到的错误:
##vso[task.issue type=error;]ParentResourceNotFound: Can not perform requested operation on nested resource. Parent resource 'sb-namespace' not found.
我假设是因为他们生活在两个不同的资源组中?
由于您的服务总线命名空间和 Azure Key Vault 位于不同的资源组中,因此您需要定义如下函数。详情请参考here.
listKeys(resourceId('<group name>','Microsoft.ServiceBus/namespaces/AuthorizationRules','sb-namespace','listen-key'),'2015-08-01').primaryConnectionString
例如
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
...
},
"resources": [
...
],
"outputs": {
"proxyKey": {
"type": "string",
"value": "[listKeys(resourceId('0730BowmanWindow','Microsoft.ServiceBus/namespaces/AuthorizationRules',parameters('sbName'),parameters('ruleName')'),'2015-08-01').primaryConnectionString]"
}
}
}