Key Vault ipRules 属性 作为参数问题
Key Vault ipRules property as parameter issue
我正在尝试使用 ARM 模板为 Azure Key Vault 添加防火墙规则。如果 ipRules 属性 与多个 IP 一起在模板中定义(而不是作为参数),它将按预期工作。
但是,如果我尝试将其定义为参数,则 “在请求中发现错误 JSON 内容。”
属性 定义在 Template ("apiVersion": "2019-09-01"):
"kv-ipRules": {
"type": "array",
"metadata": {
"description": "The address space (in CIDR notation) to use for the Azure Key Vault to be deployed as Firewall rules."
}
}
"networkAcls": {
"defaultAction": "Deny",
"bypass": "AzureServices",
"virtualNetworkRules": [
{
"id": "[concat(parameters('kv-virtualNetworks'), '/subnets/','kv-subnet')]",
"ignoreMissingVnetServiceEndpoint": false
}
],
"ipRules": "[parameters('kv-ipRules')]"
}
属性 在参数中定义:
"kv-ipRules": {
"value": [
"xx.xx.xx.xxx",
"yy.yy.yy.yyy"
]
}
鉴于文档 (https://docs.microsoft.com/en-us/azure/templates/Microsoft.KeyVault/vaults?tabs=json#IPRule),我会使用:
"kv-ipRules": {
"value": [
{
"value": "xx.xx.xx.xxx"
},
{
"value": "yy.yy.yy.yyy"
}
]
}
我正在尝试使用 ARM 模板为 Azure Key Vault 添加防火墙规则。如果 ipRules 属性 与多个 IP 一起在模板中定义(而不是作为参数),它将按预期工作。
但是,如果我尝试将其定义为参数,则 “在请求中发现错误 JSON 内容。”
属性 定义在 Template ("apiVersion": "2019-09-01"):
"kv-ipRules": {
"type": "array",
"metadata": {
"description": "The address space (in CIDR notation) to use for the Azure Key Vault to be deployed as Firewall rules."
}
}
"networkAcls": {
"defaultAction": "Deny",
"bypass": "AzureServices",
"virtualNetworkRules": [
{
"id": "[concat(parameters('kv-virtualNetworks'), '/subnets/','kv-subnet')]",
"ignoreMissingVnetServiceEndpoint": false
}
],
"ipRules": "[parameters('kv-ipRules')]"
}
属性 在参数中定义:
"kv-ipRules": {
"value": [
"xx.xx.xx.xxx",
"yy.yy.yy.yyy"
]
}
鉴于文档 (https://docs.microsoft.com/en-us/azure/templates/Microsoft.KeyVault/vaults?tabs=json#IPRule),我会使用:
"kv-ipRules": {
"value": [
{
"value": "xx.xx.xx.xxx"
},
{
"value": "yy.yy.yy.yyy"
}
]
}