Question:

ARM template - retrieving from Key Vault does not work when the secret name is concatenated

仲孙鸣
2023-03-14
    "resource_Env": {
      "value": "dev"
    },

    "activation_URI": {
      "reference": {
        "keyVault": {
          "id": "/subscriptions/xxx/resourceGroups/RG-DEV/providers/Microsoft.KeyVault/vaults/myVault"
        },
        "secretName": "[concat('activation-URI-', parameters('resource_Env'))]"
      }
    }

    "secretName": "activation-URI-dev"

Am I not able to concatenate in the secretName property?

Below is my template file:

    {
      "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "resource_Env": {
          "type": "string",
          "defaultValue": "dev"
        },
        "resource_Env_number": {
          "type": "string",
          "defaultValue": "1"
        },
        "resource_Platform": {
          "type": "string",
          "defaultValue": "int"
        },
        "resource_Group_Locn": {
          "type": "string",
          "defaultValue": "australiasoutheast"
        },
        "resource_Org": {
          "type": "string",
          "defaultValue": "eml"
        },
        "typeName_ResourceGroup": {
          "type": "string",
          "defaultValue": "rg"
        },
        "resourceGroupPrefix": {
          "type": "string",
          "defaultValue": "[concat(parameters('resource_Env'),parameters('resource_Env_Number'),'-',parameters('resource_Org'),'-',parameters('resource_Platform'))]"
        },
        "serviceBusNamespaceName": {
          "type": "string",
          "defaultValue": "[concat(parameters('resource_Env'),parameters('resource_Env_Number'),'-eml-int-svcbus')]",
          "metadata": {
            "description": "Name of the Service Bus namespace"
          }
        },
        "serviceBusTopicName": {
          "type": "string",
          "defaultValue": "transaction",
          "metadata": {
            "description": "Name of the Topic"
          }
        },
        "typeName_FuncApp": {
          "defaultValue": "func",
          "type": "string"
        },
        "ocp_apim_subscription_key": {
          "defaultValue": "",
          "type": "string",
          "metadata": {
            "description": "Subscription key for APIM"
          }
        },
        "svcbus_connection_string": {
          "defaultValue": "",
          "type": "string",
          "metadata": {
            "description": "Service bus connection string"
          }
        },
        "activation_URI": {
          "defaultValue": "",
          "type": "string",
          "metadata": {
            "description": "The URI to the activate endpoint"
          }
        },
        "webhookid": {
          "type": "string",
          "defaultValue": "",
          "metadata": {
            "description": "The id of the webhook registered with EML"
          }
        },
        "location": {
          "type": "string",
          "defaultValue": "[resourceGroup().location]",
          "metadata": {
            "description": "Location for all resources."
          }
        }
      },
      "variables": {
      },
      "resources": [
        {
          "type": "Microsoft.Resources/deployments",
          "apiVersion": "2018-05-01",
          "name": "serviceBusDeployment",
          "properties": {
            "mode": "Incremental",
            "templateLink": {
              "uri": "https://blob/transactiondeployment/azuredeploysvcbus.json",
              "contentVersion": "1.0.0.0"
            },
            "parameters": {
              "serviceBusNamespaceName": { "value": "[parameters('serviceBusNamespaceName')]" },
              "serviceBusTopicName": { "value": "[parameters('serviceBusTopicName')]" }
            }
          }
        },
        {
          "type": "Microsoft.Resources/deployments",
          "apiVersion": "2018-05-01",
          "name": "cosmosDBDeployment",
          "properties": {
            "mode": "Incremental",
            "templateLink": {
              "uri": "https://blob/transactiondeployment/azuredeploycosmosdb.json",
              "contentVersion": "1.0.0.0"
            },
            "parameters": {
              "resourceGroupPrefix": { "value": "[parameters('resourceGroupPrefix')]" }
            }
          }
        },
        {
          "type": "Microsoft.Resources/deployments",
          "apiVersion": "2018-05-01",
          "name": "activateSubscriberDeployment",
          "properties": {
            "mode": "Incremental",
            "templateLink": {
              "uri": "https://blob/transactiondeployment/azuredeployactivatesubscriber.json",
              "contentVersion": "1.0.0.0"
            },
            "parameters": {
              "resource_Env": { "value": "[parameters('resource_Env')]" },
              "resourceGroupPrefix": { "value": "[parameters('resourceGroupPrefix')]" },
              "typeName_FuncApp": { "value": "[parameters('typeName_FuncApp')]" },
              "serviceBusTopicName": { "value": "[parameters('serviceBusTopicName')]" },
              "ocp_apim_subscription_key": { "value": "[parameters('ocp_apim_subscription_key')]" },
              "svcbus_connection_string": { "value": "[parameters('svcbus_connection_string')]" },
              "activation_URI": { "value": "[parameters('activation_URI')]" }
            }
          }
        }
      ]
    }

1 answer in total

盖向荣
2023-03-14

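After my validation, I reproduced the same error as well.

To fix it, you can pass the parameter activation_uri as an inline value to the linked template. You can try adding the reference value to the parameters to tell it where to retrieve the secret from. The template file looks like this: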

    {
      "type": "Microsoft.Resources/deployments",
      "apiVersion": "2018-05-01",
      "name": "activateSubscriberDeployment",
      "properties": {
        "mode": "Incremental",
        "templateLink": {
          "uri": "https://blob/transactiondeployment/azuredeployactivatesubscriber.json",
          "contentVersion": "1.0.0.0"
        },
        "parameters": {
          "resource_Env": { "value": "[parameters('resource_Env')]" },
          "resourceGroupPrefix": { "value": "[parameters('resourceGroupPrefix')]" },
          "typeName_FuncApp": { "value": "[parameters('typeName_FuncApp')]" },
          "serviceBusTopicName": { "value": "[parameters('serviceBusTopicName')]" },
          "ocp_apim_subscription_key": { "value": "[parameters('ocp_apim_subscription_key')]" },
          "svcbus_connection_string": { "value": "[parameters('svcbus_connection_string')]" },
          "activation_URI": {
            "reference": {
              "keyVault": {
                "id": "/subscriptions/xxx/resourceGroups/RG-DEV/providers/Microsoft.KeyVault/vaults/myVault"
              },
              "secretName": "[concat('activation-URI-', parameters('resource_Env'))]"
            }
          }
        }
      }
    }

The parameter file looks like this:

    {
        "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentParameters.json#",
        "contentVersion": "1.0.0.0",
        "parameters": {
            ...

            "resource_Env": {
                "value": "dev"
            }
        }
    }
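
An added example (not part of the original answer): a pre-deployment check in Python that flags Key Vault references in a parameter file whose `secretName` or vault `id` is written as a template expression, the pattern from the question. It relies on parameter files not being run through template expression evaluation, which is why the answer moves the reference into the linked deployment's `parameters`; the function name and both sample documents are constructed for illustration.

```python
import json
import re

# An ARM string is an expression only when it starts with "[" (not "[[") and ends with "]".
_EXPRESSION = re.compile(r"^\[(?!\[).*\]$", re.S)

# Constructed sample: the parameter-file entry from the question.
QUESTION_PARAMS = """
{
  "parameters": {
    "resource_Env": { "value": "dev" },
    "activation_URI": {
      "reference": {
        "keyVault": { "id": "/subscriptions/xxx/resourceGroups/RG-DEV/providers/Microsoft.KeyVault/vaults/myVault" },
        "secretName": "[concat('activation-URI-', parameters('resource_Env'))]"
      }
    }
  }
}
"""

# Constructed sample: the same entry with the literal secret name.
LITERAL_PARAMS = QUESTION_PARAMS.replace(
    "[concat('activation-URI-', parameters('resource_Env'))]", "activation-URI-dev"
)


def find_unevaluated_keyvault_refs(parameter_file_text):
    """Return (parameter, field, value) tuples for Key Vault references in a
    parameter file whose vault id or secretName is a template expression."""
    findings = []
    parameters = json.loads(parameter_file_text).get("parameters", {})
    for name, body in parameters.items():
        ref = body.get("reference") if isinstance(body, dict) else None
        if not isinstance(ref, dict):
            continue  # plain "value" parameter, nothing to check
        vault = ref.get("keyVault")
        fields = {
            "keyVault.id": vault.get("id") if isinstance(vault, dict) else None,
            "secretName": ref.get("secretName"),
        }
        for field, value in fields.items():
            if isinstance(value, str) and _EXPRESSION.match(value):
                findings.append((name, field, value))
    return findings


if __name__ == "__main__":
    for finding in find_unevaluated_keyvault_refs(QUESTION_PARAMS):
        print("expression in parameter-file Key Vault reference:", finding)
```

Run against the parameter file before deployment; an empty result means every Key Vault reference uses literal values.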