ARM 使用 NSG 创建子网

ARM create subnet with NSG

我正在尝试创建一个 arm 模板,该模板在现有 Vnet 上创建一个额外的子网,同时创建 NSG,然后将其附加到该子网。我已经知道创建 NSG 的程度,但是当我尝试将 NSG 附加到多个子网时,它无法创建子网和 NSG。错误低于

{
    "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
      "subnetname1": {
        "type": "string",
        "defaultValue":"front-end"
      },
     "subnetprefix1": {
        "type": "string",
        "defaultValue": "10.12.4.0/24"
      },
    "nsgsubnet1": {
        "type": "string",
        "defaultValue": "nsg-frontend"
        },
      "subnetname2": {
        "type": "string",
        "defaultValue": "back-end"
      },
     "subnetprefix2": {
        "type": "string",
        "defaultValue": "10.12.5.0/24"
      },
    "nsgsubnet2": {
        "type": "string",
        "defaultValue": "nsg-backend"
        },
      "subnetname3": {
        "type": "string",
        "defaultValue": "database"
      },
     "subnetprefix3": {
        "type": "string",
        "defaultValue": "10.12.6.0/24"
      },
    "nsgsubnet3": {
        "type": "string",
        "defaultValue": "nsg-database"
        }
    },
     "variables": {
         "vnetName":"vn-uks-Production"
     },
    "resources": [

         {
            "apiVersion": "2019-02-01",
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[parameters('nsgsubnet1')]",
            "location": "[resourceGroup().location]",
            "properties": {
            }
        },
         {
            "apiVersion": "2019-02-01",
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[parameters('nsgsubnet2')]",
            "location": "[resourceGroup().location]",
            "properties": {
            }
        },
         {
            "apiVersion": "2019-02-01",
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[parameters('nsgsubnet3')]",
            "location": "[resourceGroup().location]",
            "properties": {
            }
        },
        {
            "name": "vn-uks-production",
            "type": "Microsoft.Network/virtualNetworks",
            "apiVersion": "2019-11-01",
            "location": "[resourceGroup().location]",
            "dependsOn": [
                "[parameters('nsgsubnet1')]"
            ],
            "properties": {
                "addressSpace": {
                    "addressPrefixes": [
                        "10.12.0.0/19"
                    ]
                }
                },
        "resources": [
          {
            "apiVersion": "2018-10-01",
            "type": "subnets",
            "name": "[parameters('subnetname1')]",
            "dependsOn": [
                    "[variables('vnetName')]"

            ],
            "properties": {
                 "mode": "Incremental",
              "addressPrefix": "[parameters('subnetprefix1')]",
                        "networkSecurityGroup": {
                            "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgsubnet1'))]"
                        }
            }
          },
          {
            "apiVersion": "2018-10-01",
            "type": "subnets",
            "name": "[parameters('subnetname2')]",
            "dependsOn": [
                    "[variables('vnetName')]"
            ],
            "properties": {
              "addressPrefix": "[parameters('subnetprefix2')]",
                                      "networkSecurityGroup": {
                            "id": "[resourceId('Microsoft.Network/networkSecurityGroups', parameters('nsgsubnet2'))]"
                        }
            }
          }
        ]
      }
    
            
        
    ]
    }

我得到的错误是

{
    "status": "Failed",
    "error": {
        "code": "InvalidRequestFormat",
        "message": "Cannot parse the request.",
        "details": [
            {
                "code": "InvalidJson",
                "message": "Could not find member 'mode' on object of type 'SubnetProperties'. Path 'properties.mode', line 1, position 22."
            }
        ]
    }
}

您在资源 'subnetname1' 上有一个 "mode": "Incremental" 属性。子网不采用模式参数 - 请参阅参考资料:https://docs.microsoft.com/en-us/azure/templates/microsoft.network/virtualnetworks/subnets?tabs=json

但是,在部署虚拟网络时,请注意一个众所周知的问题 - 您需要将子网指定为 vnet 的 属性。尽管您可以选择部署子网资源,但当您第二次 运行 模板时,virtualNetwork 资源将尝试删除所有子网(因为 属性 子网是空的)- 在此处查看更多信息:https://github.com/Azure/azure-quickstart-templates/issues/2786