KeyVault 模板 - 多个访问策略
KeyVault Template - Multiple AccesPolicies
我有多个对象 ID 要添加到密钥保管库的访问策略中。所以我有一个 objectId 数组,我正在遍历它。但是我收到此错误:为 'accessPolicies' 提供了无效值。我的代码基于这个:https://collab365.community/azure-keyvault-set-multiple-access-policies-using-the-arm-template/
This is a part of my arm template:
"parameters": {
"kvAccessPolicies": {
"type": "array",
"metadata": {
"description": "Access Ids for KeyVaults"
},
"defaultValue": [
"none"
]
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults/accessPolicies",
"name": "[concat(parameters('keyVaultName'), '/add')]",
"apiVersion": "2019-09-01",
"dependsOn":[
"[parameters('keyVaultName')]"
],
"properties": {
"accessPolicies": [
{
"copy": [
{
"name": "accessPolicies",
"count": "[length(parameters('kvAccessPolicies'))]",
"input": {
"tenantId": "[subscription().tenantId]",
"objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
"permissions": {
"keys": [
"all"
],
"secrets": [
"all"
],
"certificates": [
"all"
],
"storage": [
"all"
]
}
}
}
]
}
]
}
}
]
This is a part of my parameter file:
"KvAccessPolicies": [
{
"objectId": "85949fj3-t488-4ye3-5i54-2j2jwk5jri3e"
},
{
"objectId": "4ieh345t-6i4r-t5y4-g9t4-7u6jktl5kri4"
}
]
您不需要 accessPolicies 属性。 copy 迭代器将使用 "name": "accessPolicies", 行为您添加 属性。只需消除该级别,将 copy 块提高一个级别。
"properties": {
"copy": [
{
"name": "accessPolicies",
"count": "[length(parameters('kvAccessPolicies'))]",
"input": {
"tenantId": "[subscription().tenantId]",
"objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
"permissions": {
"keys": [
"all"
],
"secrets": [
"all"
],
"certificates": [
"all"
],
"storage": [
"all"
]
}
}
}
]
}
我有多个对象 ID 要添加到密钥保管库的访问策略中。所以我有一个 objectId 数组,我正在遍历它。但是我收到此错误:为 'accessPolicies' 提供了无效值。我的代码基于这个:https://collab365.community/azure-keyvault-set-multiple-access-policies-using-the-arm-template/
This is a part of my arm template:
"parameters": {
"kvAccessPolicies": {
"type": "array",
"metadata": {
"description": "Access Ids for KeyVaults"
},
"defaultValue": [
"none"
]
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults/accessPolicies",
"name": "[concat(parameters('keyVaultName'), '/add')]",
"apiVersion": "2019-09-01",
"dependsOn":[
"[parameters('keyVaultName')]"
],
"properties": {
"accessPolicies": [
{
"copy": [
{
"name": "accessPolicies",
"count": "[length(parameters('kvAccessPolicies'))]",
"input": {
"tenantId": "[subscription().tenantId]",
"objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
"permissions": {
"keys": [
"all"
],
"secrets": [
"all"
],
"certificates": [
"all"
],
"storage": [
"all"
]
}
}
}
]
}
]
}
}
]
This is a part of my parameter file:
"KvAccessPolicies": [
{
"objectId": "85949fj3-t488-4ye3-5i54-2j2jwk5jri3e"
},
{
"objectId": "4ieh345t-6i4r-t5y4-g9t4-7u6jktl5kri4"
}
]
您不需要 accessPolicies 属性。 copy 迭代器将使用 "name": "accessPolicies", 行为您添加 属性。只需消除该级别,将 copy 块提高一个级别。
"properties": {
"copy": [
{
"name": "accessPolicies",
"count": "[length(parameters('kvAccessPolicies'))]",
"input": {
"tenantId": "[subscription().tenantId]",
"objectId": "[parameters('kvAccessPolicies')[copyIndex('accessPolicies')].objectId]",
"permissions": {
"keys": [
"all"
],
"secrets": [
"all"
],
"certificates": [
"all"
],
"storage": [
"all"
]
}
}
}
]
}