Azure ARM 模板 vnet 对等不同订阅
Azure ARM template vnet peering different subscriptions
我正在尝试对不同订阅(中心辐射模型)中的现有 vnet 进行 vnet 对等互连。我想动态地提供订阅 ID(不是硬编码)。我知道我们可以使用 susbcription().id 进行相同的订阅,但不同订阅的功能是什么
如评论中所述,在订阅 A 中部署模板时,没有获取订阅 B id 的函数。您必须按照此 Microsoft Document.
中所述手动提供订阅 B id
示例:
您可以使用以下模板对不同订阅中的 VNETS 进行 vnet 对等互连:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetAName": {
"type": "string",
"defaultValue":"ansuman-vnet",
"metadata": {
"description": "Name of the first VNET"
}
},
"vnetBName": {
"type": "string",
"defaultValue":"vnet-ansuman",
"metadata": {
"description": "Name of the Second VNET"
}
},
"vnetAPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "Prefix of the first VNET"
}
},
"vnetBPrefix": {
"type": "string",
"defaultValue": "10.1.0.0/16",
"metadata": {
"description": "Prefix of the Second VNET"
}
},
"subscriptionAID": {
"type": "string",
"metadata": {
"description": "the Subscription ID for the first VNET"
},
"defaultValue": "subA"
},
"resourceGroupAName": {
"type": "string",
"defaultValue": "ansumantest",
"metadata": {
"description": "the resource group name for the first VNET"
}
},
"subscriptionBID": {
"type": "string",
"defaultValue": "subB",
"metadata": {
"description": "the Subscription ID for the second VNET"
}
},
"resourceGroupBName": {
"type": "string",
"defaultValue": "rgB",
"metadata": {
"description": "the resource group name for the second VNET"
}
},
"location": {
"type": "string",
"defaultValue": "West US 2"
}
},
"variables": {
"vnetAtoVnetBPeeringName": "[concat(parameters('vnetAName'),'-to-',parameters('vnetBName'))]",
"vnetBtoVnetAPeeringName": "[concat(parameters('vnetBName'),'-to-',parameters('vnetAName'))]"
},
"resources": [
{
"apiVersion": "2020-06-01",
"name": "createPeeringAtoB",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionAID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromA",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetAName'), '/', variables('vnetAtoVnetBPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionBID'),'/resourceGroups/',parameters('resourceGroupBName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetBName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetBPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
},
{
"apiVersion": "2020-06-01",
"name": "createPeeringBtoA",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionBID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromB",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetBName'), '/', variables('vnetBtoVnetAPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionAID'),'/resourceGroups/',parameters('resourceGroupAName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetAName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetAPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
}
],
"outputs": {
}
}
输出:
注意:如果您将上述代码部署到订阅 A,则可以将 "[parameters('subscriptionAID')]" 替换为 subscription().id,如果您将其部署到订阅 B 那么你可以将 "[parameters('subscriptionBID')]" 替换为 subscription().id。由于 subscription().id 仅采用 当前订阅的值,即模板部署到的位置 .
我正在尝试对不同订阅(中心辐射模型)中的现有 vnet 进行 vnet 对等互连。我想动态地提供订阅 ID(不是硬编码)。我知道我们可以使用 susbcription().id 进行相同的订阅,但不同订阅的功能是什么
如评论中所述,在订阅 A 中部署模板时,没有获取订阅 B id 的函数。您必须按照此 Microsoft Document.
示例:
您可以使用以下模板对不同订阅中的 VNETS 进行 vnet 对等互连:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetAName": {
"type": "string",
"defaultValue":"ansuman-vnet",
"metadata": {
"description": "Name of the first VNET"
}
},
"vnetBName": {
"type": "string",
"defaultValue":"vnet-ansuman",
"metadata": {
"description": "Name of the Second VNET"
}
},
"vnetAPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "Prefix of the first VNET"
}
},
"vnetBPrefix": {
"type": "string",
"defaultValue": "10.1.0.0/16",
"metadata": {
"description": "Prefix of the Second VNET"
}
},
"subscriptionAID": {
"type": "string",
"metadata": {
"description": "the Subscription ID for the first VNET"
},
"defaultValue": "subA"
},
"resourceGroupAName": {
"type": "string",
"defaultValue": "ansumantest",
"metadata": {
"description": "the resource group name for the first VNET"
}
},
"subscriptionBID": {
"type": "string",
"defaultValue": "subB",
"metadata": {
"description": "the Subscription ID for the second VNET"
}
},
"resourceGroupBName": {
"type": "string",
"defaultValue": "rgB",
"metadata": {
"description": "the resource group name for the second VNET"
}
},
"location": {
"type": "string",
"defaultValue": "West US 2"
}
},
"variables": {
"vnetAtoVnetBPeeringName": "[concat(parameters('vnetAName'),'-to-',parameters('vnetBName'))]",
"vnetBtoVnetAPeeringName": "[concat(parameters('vnetBName'),'-to-',parameters('vnetAName'))]"
},
"resources": [
{
"apiVersion": "2020-06-01",
"name": "createPeeringAtoB",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionAID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromA",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetAName'), '/', variables('vnetAtoVnetBPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionBID'),'/resourceGroups/',parameters('resourceGroupBName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetBName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetBPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
},
{
"apiVersion": "2020-06-01",
"name": "createPeeringBtoA",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionBID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromB",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetBName'), '/', variables('vnetBtoVnetAPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionAID'),'/resourceGroups/',parameters('resourceGroupAName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetAName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetAPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
}
],
"outputs": {
}
}
输出:
注意:如果您将上述代码部署到订阅 A,则可以将 "[parameters('subscriptionAID')]" 替换为 subscription().id,如果您将其部署到订阅 B 那么你可以将 "[parameters('subscriptionBID')]" 替换为 subscription().id。由于 subscription().id 仅采用 当前订阅的值,即模板部署到的位置 .