嵌套的 ARM 模板和 dependsOn
Nested ARM template and dependsOn
我正在使用我的 ARM 模板创建一组 NSG 规则,并尝试更新子网以在嵌套的 ARM 模板中使用这些 NSG 规则。模板部署失败并显示 "Another operation on this or dependent resource is in progress"。我尝试在嵌套模板中使用 "dependsOn" 功能,但这并不能解决问题。我尝试提供 NSG 名称和 resourceId()
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]",
dependsOn 运气不好。在尝试更新子网之前等待 NSG 规则准备就绪是否有更好的方法?
模板:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualNetName": {
"type": "string",
},
"subnetName": {
"type": "string",
}
},
"variables": {
"NSGName": parameters('subnetName')
"ResourceGroupName": "[resourceGroup().name]"
},
"resources": [
{
"apiVersion": "2017-11-01",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[variables('NSGName')]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "Allow-Inbound-RDP",
"properties": {
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "192.168.0.1/24",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 4050,
"direction": "Inbound"
}
}
]
}
},
{
"apiVersion": "2017-08-01",
"name": "apply-nsg-to-subnet",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]"
],
"properties": {
"mode" : "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion" : "2018-03-01",
"type": "Microsoft.Network/virtualNetworks/subnets",
"name": "[concat(parameters('virtualNetName'), '/', parameters('subnetName'))]",
"properties": {
"addressPrefix": "[reference(resourceId(variables('ResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetName'), parameters('subnetName')), '2018-03-01').addressPrefix]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]"
}
}
}
]
}
}
}
]
}
我相信 1 个 NSG 和 1 个子网更新可以顺利完成,但当我使用 8 个时就不行了。
您的嵌套部署本身需要依赖于它(另一个嵌套部署),这意味着您需要添加:
[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))].
内部部署资源不能依赖于部署之外的任何东西(因为它嵌套在父级中的所有东西都在它之外)。
我正在使用我的 ARM 模板创建一组 NSG 规则,并尝试更新子网以在嵌套的 ARM 模板中使用这些 NSG 规则。模板部署失败并显示 "Another operation on this or dependent resource is in progress"。我尝试在嵌套模板中使用 "dependsOn" 功能,但这并不能解决问题。我尝试提供 NSG 名称和 resourceId()
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]",
dependsOn 运气不好。在尝试更新子网之前等待 NSG 规则准备就绪是否有更好的方法?
模板:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"virtualNetName": {
"type": "string",
},
"subnetName": {
"type": "string",
}
},
"variables": {
"NSGName": parameters('subnetName')
"ResourceGroupName": "[resourceGroup().name]"
},
"resources": [
{
"apiVersion": "2017-11-01",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[variables('NSGName')]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "Allow-Inbound-RDP",
"properties": {
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "3389",
"sourceAddressPrefix": "192.168.0.1/24",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 4050,
"direction": "Inbound"
}
}
]
}
},
{
"apiVersion": "2017-08-01",
"name": "apply-nsg-to-subnet",
"type": "Microsoft.Resources/deployments",
"dependsOn": [
"[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]"
],
"properties": {
"mode" : "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"apiVersion" : "2018-03-01",
"type": "Microsoft.Network/virtualNetworks/subnets",
"name": "[concat(parameters('virtualNetName'), '/', parameters('subnetName'))]",
"properties": {
"addressPrefix": "[reference(resourceId(variables('ResourceGroupName'), 'Microsoft.Network/virtualNetworks/subnets', parameters('virtualNetName'), parameters('subnetName')), '2018-03-01').addressPrefix]",
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))]"
}
}
}
]
}
}
}
]
}
我相信 1 个 NSG 和 1 个子网更新可以顺利完成,但当我使用 8 个时就不行了。
您的嵌套部署本身需要依赖于它(另一个嵌套部署),这意味着您需要添加:
[resourceId('Microsoft.Network/networkSecurityGroups', variables('NSGName'))].
内部部署资源不能依赖于部署之外的任何东西(因为它嵌套在父级中的所有东西都在它之外)。