使用 Bicep 将 API 管理私有 IP 地址输入私有 DNS 条目时,模板函数 'reference' 不是预期的
The template function 'reference' is not expected when feeding API Management private IP addresses into private DNS entry with Bicep
我想在私有 DNS 区域 azure-api.net 中为我的内部 API 管理实例创建 DNS A 记录以及 API 管理部署:
var privateDnsZoneName = 'azure-api.net'
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: apim.name
parent: privateDnsZone
properties: {
aRecords: [for addr in apim.properties.privateIPAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
然而,部署时会出现此错误:
Line |
57 | New-AzResourceGroupDeployment -ResourceGroupName $ResourceGroupName `
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 17:12:13 - Error: Code=InvalidTemplate; Message=Deployment template validation failed: 'The template resource
| '[format('{0}/{1}', variables('privateDnsZoneName'), parameters('apimName'))]' at line '221' and column '9' is not
| valid: The template function 'reference' is not expected at this location. Please see
| https://aka.ms/arm-template-expressions for usage details.. Please see https://aka.ms/arm-template-expressions for
| usage details.'.
似乎在这个地方(在 ARM 中)不支持 reference() 功能:
{
"type": "Microsoft.Network/privateDnsZones/A",
"apiVersion": "2020-06-01",
"name": "[format('{0}/{1}', variables('privateDnsZoneName'), parameters('apimName'))]",
"properties": {
"copy": [
{
"name": "aRecords",
"count": "[length(reference(resourceId('Microsoft.ApiManagement/service', parameters('apimName'))).privateIPAddresses)]",
"input": {
"ipv4Address": "[reference(resourceId('Microsoft.ApiManagement/service', parameters('apimName'))).privateIPAddresses[copyIndex('aRecords')]]"
}
}
],
"ttl": 3600
},
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', parameters('apimName'))]",
"[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]"
]
}
尝试使用介于两者之间的变量会导致相同的错误 - 因为实际上生成了相同的 ARM JSON。
var privateDnsZoneName = 'azure-api.net'
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
var apimPrivateIPAddresses = apim.properties.privateIPAddresses
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: apim.name
parent: privateDnsZone
properties: {
aRecords: [for addr in apimPrivateIPAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
除了将私有 DNS 区域 + 记录创建拆分为 Bicep 模块并删除 reference() 函数之外,我没有找到其他方法:
param privateDnsZoneName string = 'azure-api.net'
param privateDnsARecordName string
param privateDnsARecordAddresses array
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: privateDnsARecordName
parent: privateDnsZone
properties: {
aRecords: [for addr in privateDnsARecordAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
并将 privateIPAddresses 数组传递给模块。
module privateDnsEntry './private-dns.bicep' = {
name: 'apim-private-dns'
params: {
privateDnsZoneName: 'azure-api.net'
privateDnsARecordName: apim.name
privateDnsARecordAddresses: apim.properties.privateIPAddresses
}
}
我想在私有 DNS 区域 azure-api.net 中为我的内部 API 管理实例创建 DNS A 记录以及 API 管理部署:
var privateDnsZoneName = 'azure-api.net'
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: apim.name
parent: privateDnsZone
properties: {
aRecords: [for addr in apim.properties.privateIPAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
然而,部署时会出现此错误:
Line |
57 | New-AzResourceGroupDeployment -ResourceGroupName $ResourceGroupName `
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| 17:12:13 - Error: Code=InvalidTemplate; Message=Deployment template validation failed: 'The template resource
| '[format('{0}/{1}', variables('privateDnsZoneName'), parameters('apimName'))]' at line '221' and column '9' is not
| valid: The template function 'reference' is not expected at this location. Please see
| https://aka.ms/arm-template-expressions for usage details.. Please see https://aka.ms/arm-template-expressions for
| usage details.'.
似乎在这个地方(在 ARM 中)不支持 reference() 功能:
{
"type": "Microsoft.Network/privateDnsZones/A",
"apiVersion": "2020-06-01",
"name": "[format('{0}/{1}', variables('privateDnsZoneName'), parameters('apimName'))]",
"properties": {
"copy": [
{
"name": "aRecords",
"count": "[length(reference(resourceId('Microsoft.ApiManagement/service', parameters('apimName'))).privateIPAddresses)]",
"input": {
"ipv4Address": "[reference(resourceId('Microsoft.ApiManagement/service', parameters('apimName'))).privateIPAddresses[copyIndex('aRecords')]]"
}
}
],
"ttl": 3600
},
"dependsOn": [
"[resourceId('Microsoft.ApiManagement/service', parameters('apimName'))]",
"[resourceId('Microsoft.Network/privateDnsZones', variables('privateDnsZoneName'))]"
]
}
尝试使用介于两者之间的变量会导致相同的错误 - 因为实际上生成了相同的 ARM JSON。
var privateDnsZoneName = 'azure-api.net'
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
var apimPrivateIPAddresses = apim.properties.privateIPAddresses
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: apim.name
parent: privateDnsZone
properties: {
aRecords: [for addr in apimPrivateIPAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
除了将私有 DNS 区域 + 记录创建拆分为 Bicep 模块并删除 reference() 函数之外,我没有找到其他方法:
param privateDnsZoneName string = 'azure-api.net'
param privateDnsARecordName string
param privateDnsARecordAddresses array
resource privateDnsZone 'Microsoft.Network/privateDnsZones@2020-06-01' = {
name: privateDnsZoneName
location: 'Global'
}
resource privateDnsZoneEntry 'Microsoft.Network/privateDnsZones/A@2020-06-01' = {
name: privateDnsARecordName
parent: privateDnsZone
properties: {
aRecords: [for addr in privateDnsARecordAddresses: {
ipv4Address: addr
}]
ttl: 3600
}
}
并将 privateIPAddresses 数组传递给模块。
module privateDnsEntry './private-dns.bicep' = {
name: 'apim-private-dns'
params: {
privateDnsZoneName: 'azure-api.net'
privateDnsARecordName: apim.name
privateDnsARecordAddresses: apim.properties.privateIPAddresses
}
}