排除copyIndex内的资源部署
排除copyIndex内的资源部署
提问于 2020-06-20 21:00:40
我正在尝试从一个参数对象部署一个虚拟网络、子网和NSG
"vnetSettings": {
"value": {
"name": "myVnet",
"addressPrefixes": [
{
"name": "addressSpace",
"addressPrefix": "172.25.196.0/22"
}
],
"subnets": [
{
"name": "data-subnet",
"subnetPrefix": "172.25.196.0/27"
},
{
"name": "app-subnet",
"subnetPrefix": "172.25.196.32/27"
},
{
"name": "web-subnet",
"subnetPrefix": "172.25.196.64/27"
},
{
"name": "pridmz-subnet",
"subnetPrefix": "172.25.196.96/27"
},
{
"name": "pubdmz-subnet",
"subnetPrefix": "172.25.196.128/27"
},
{
"name": "AzureFirewallSubnet",
"subnetPrefix": "172.25.196.160/28"
}
]
}
}通过此参数对象,我需要遍历每个项目并创建虚拟网络、子网和NSG,并为每个子网分配一个NSG -这很好,除非我需要排除为Azure防火墙创建NSG,并且不需要为防火墙子网分配NSG
因此,我正在尝试找到一种在copyIndex中完成此操作的方法
{
"apiVersion": "2017-06-01",
"type": "Microsoft.Network/networkSecurityGroups",
"copy": {
"name": "iterator",
"count": "[length(parameters('VNetSettings').subnets)]"
},
"name": "[if(equals(parameters('VNetSettings').subnets[copyIndex()].name, 'AzureFirewallSubnet'), json('null'), toUpper(concat(parameters('VNetSettings').name , '-', resourceGroup().location, '-', parameters('VNetSettings').subnets[copyIndex()].name, '-nsg')))]",
"location":"[resourceGroup().location]",
"properties": {
"securityRules": []
}
},此错误包含
'The template resource '[if(equals(parameters('VNetSettings').subnets[copyIndex()].name, 'AzureFirewallSubnet'), json('null'), toUpper(concat(parameters('VNetSettings').name , '-', resourceGroup().location, '-', parameters('VNetSettings').subnets[copyIndex()].name, '-nsg')))]' at line '1' and column '467' is not valid: Evaluation result of language expression '[if(equals(parameters('VNetSettings').subnets[copyIndex()].name, 'AzureFirewallSubnet'), json('null'), toUpper(concat(parameters('VNetSettings').name , '-', resourceGroup().location, '-', parameters('VNetSettings').subnets[copyIndex()].name, '-nsg')))]' is type 'Null', expected type is 'String'我可以通过传递一个字符串而不是JSON('null')来避免这个错误,因为JSON(‘null’)会创建所有的NSG,但我遇到的问题是在遍历子网的copyIndex时。
{
"apiVersion": "2020-04-01",
"name": "[toUpper(concat(parameters('VNetSettings').name, '-', resourceGroup().location, '-vnet'))]",
"dependsOn": [
"iterator"
],
"type": "Microsoft.Network/virtualNetworks",
"location":"[resourceGroup().location]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"[parameters('virtualNetworkaddressSpace')]"
]
},
"copy":[
{
"name": "subnets",
"count":6,
"input": {
"name": "[if(equals(parameters('VNetSettings').subnets[copyIndex('subnets')].name, 'AzureFirewallSubnet'), variables('azureFirewallSubnetName'), concat(parameters('VNetSettings').name,'-', resourceGroup().location, '-', parameters('VNetSettings').subnets[copyIndex('subnets')].name))]",
"properties": {
"addressPrefix": "[parameters('VNetSettings').subnets[copyIndex('subnets')].subnetPrefix]",
"networkSecurityGroup": {
"id": "[if(equals(parameters('VNetSettings').subnets[copyIndex('subnets')].name, 'AzureFirewallSubnet'), json('null'), resourceId('Microsoft.Network/networkSecurityGroups/', concat(parameters('VNetSettings').name, '-', resourceGroup().location, '-', parameters('VNetSettings').subnets[copyIndex('subnets')].name, '-nsg')))]"
},我希望这是有道理的,有人能帮上忙吗?
谢谢
回答 1
Stack Overflow用户
发布于 2020-06-20 22:32:50
而不是尝试将奇怪的情况与其他情况放在一起,我只是将其分开:
"vnetSettings": {
"value": {
"name": "myVnet",
"addressPrefixes": [
{
"name": "addressSpace",
"addressPrefix": "172.25.196.0/22"
}
],
"subnets": [
{
"name": "data-subnet",
"subnetPrefix": "172.25.196.0/27"
},
{
"name": "app-subnet",
"subnetPrefix": "172.25.196.32/27"
},
{
"name": "web-subnet",
"subnetPrefix": "172.25.196.64/27"
},
{
"name": "pridmz-subnet",
"subnetPrefix": "172.25.196.96/27"
},
{
"name": "pubdmz-subnet",
"subnetPrefix": "172.25.196.128/27"
}//,
//{
// "name": "AzureFirewallSubnet",
// "subnetPrefix": "172.25.196.160/28"
//}
],
"firewallSubnetPrefix":"172.25.196.160/28"
}
}然后创建防火墙子网作为顶级资源:
"resources: [
{
"apiVersion": "2020-04-01",
"name": "[toUpper(concat(parameters('VNetSettings').name, '-', resourceGroup().location, '-vnet'))]",
"type": "Microsoft.Network/virtualNetworks",
//...
},
{
"name": "AzureFirewallSubnet",
"type": "Microsoft.Network/virtualNetworks/subnets",
"apiVersion": "2020-04-01",
"properties": {
"addressPrefix": "[parameters('vnetSettings').firewallSubnetPrefix]",
},
"dependsOn": [
"[toUpper(concat(parameters('VNetSettings').name, '-', resourceGroup().location, '-vnet'))]"
],
//...
}
]页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/62486140
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号