我可以有条件地使用ARM模板中的复制功能吗
Can I conditionally use the Copy function in ARM Template
我们的解决方案部署到多个环境,开发、测试和生产。我有条件地为非开发环境部署虚拟网络和其他强大的网络基础设施。我遇到的困难是将访问限制应用于应用服务的 Web 配置,仅当布尔值为真时(使用 copyIndex)。
下面的方法用于将子网访问限制分配给应用服务:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "ukwest"
}
},
"variables": {
"networkingRequired": true,
"aspName": "xxxMyAppServicePlan",
"siteName": "xxxMySite1",
"vnetName": "superVnetName",
"subnetNames": [
"subnetone",
"subnettwo",
"subnetthree"
]
},
"resources": [
{
"name": "[variables('aspName')]",
"type": "Microsoft.Web/serverfarms",
"kind": "app",
"apiVersion": "2018-02-01",
"location": "[parameters('location')]",
"properties": {},
"sku": {
"name": "S1",
"capacity": 1
}
},
{
"kind": "app",
"name": "[variables('siteName')]",
"type": "Microsoft.Web/sites",
"apiVersion": "2018-02-01",
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('aspName'))]",
"siteConfig": {
"clientAffinityEnabled": false,
"httpsOnly": true,
"alwaysOn": true,
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\wwwroot",
"preloadEnabled": true
}
],
"copy": [
{
"name": "ipSecurityRestrictions",
"count": "[length(variables('subnetNames'))]",
"input": {
"vnetSubnetResourceId": "[resourceId(resourceGroup().name, 'Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('subnetNames')[copyIndex('ipSecurityRestrictions')])]",
"action": "Allow",
"priority": "1",
"name": "[variables('subnetNames')[copyIndex('ipSecurityRestrictions')]]",
"description": "[concat(variables('subnetNames')[copyIndex('ipSecurityRestrictions')], ' subnet')]"
}
}
]
}
},
"dependsOn": [
"[variables('aspName')]"
]
}
]
}
所以我现在需要做的是让它尊重变量 'networkingRequired' 并且只在网络为真时为 ipSecurityRestrictions 执行 "copy"。
最简单的方法 - 将副本移动到变量部分并使用表达式定义 ipSecurityRestrictions "on the fly".
的值
"variables": {
"empty": [],
"copy": [you copy goes here]
},
...
"ipSecurityRestrictions": "[if(variables('networkingRequired'), variables('ipSecurityRestrictions'), variables('empty'))]"
我们的解决方案部署到多个环境,开发、测试和生产。我有条件地为非开发环境部署虚拟网络和其他强大的网络基础设施。我遇到的困难是将访问限制应用于应用服务的 Web 配置,仅当布尔值为真时(使用 copyIndex)。
下面的方法用于将子网访问限制分配给应用服务:
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "ukwest"
}
},
"variables": {
"networkingRequired": true,
"aspName": "xxxMyAppServicePlan",
"siteName": "xxxMySite1",
"vnetName": "superVnetName",
"subnetNames": [
"subnetone",
"subnettwo",
"subnetthree"
]
},
"resources": [
{
"name": "[variables('aspName')]",
"type": "Microsoft.Web/serverfarms",
"kind": "app",
"apiVersion": "2018-02-01",
"location": "[parameters('location')]",
"properties": {},
"sku": {
"name": "S1",
"capacity": 1
}
},
{
"kind": "app",
"name": "[variables('siteName')]",
"type": "Microsoft.Web/sites",
"apiVersion": "2018-02-01",
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"serverFarmId": "[resourceId('Microsoft.Web/serverfarms', variables('aspName'))]",
"siteConfig": {
"clientAffinityEnabled": false,
"httpsOnly": true,
"alwaysOn": true,
"virtualApplications": [
{
"virtualPath": "/",
"physicalPath": "site\wwwroot",
"preloadEnabled": true
}
],
"copy": [
{
"name": "ipSecurityRestrictions",
"count": "[length(variables('subnetNames'))]",
"input": {
"vnetSubnetResourceId": "[resourceId(resourceGroup().name, 'Microsoft.Network/virtualNetworks/subnets', variables('vnetName'), variables('subnetNames')[copyIndex('ipSecurityRestrictions')])]",
"action": "Allow",
"priority": "1",
"name": "[variables('subnetNames')[copyIndex('ipSecurityRestrictions')]]",
"description": "[concat(variables('subnetNames')[copyIndex('ipSecurityRestrictions')], ' subnet')]"
}
}
]
}
},
"dependsOn": [
"[variables('aspName')]"
]
}
]
}
所以我现在需要做的是让它尊重变量 'networkingRequired' 并且只在网络为真时为 ipSecurityRestrictions 执行 "copy"。
最简单的方法 - 将副本移动到变量部分并使用表达式定义 ipSecurityRestrictions "on the fly".
"variables": {
"empty": [],
"copy": [you copy goes here]
},
...
"ipSecurityRestrictions": "[if(variables('networkingRequired'), variables('ipSecurityRestrictions'), variables('empty'))]"