将 NSG 应用到子网时，不需要 Azure ARM 模板 'copyIndex'

Question

我正在使用复制功能创建 NSG，它工作正常。但是，我想以类似的方式将 NSG 应用于子网，但我得到的复制索引不是预期的。

{
  "apiVersion": "2017-08-01",
  "name": "apply-nsg-to-subnet",
  "type": "Microsoft.Resources/deployments",
  "properties": {
    "mode": "Incremental",
    "template": {
      "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
      "contentVersion": "#{BuildNumber}#",
      "resources": [
        {
          "apiVersion": "2018-06-01",
          "type": "Microsoft.Network/virtualNetworks/subnets",
          "name": "[concat(parameters('vnetName') , '/' , parameters('subnets').settings[copyIndex()].name)]",
          "location": "[variables('location')]",
          "copy":{
            "name": "subnetLoop",
            "count": "[variables('subnetcount')]",
            "mode": "Serial"
          },
          "properties": {
            "addressPrefix": "[parameters('subnets').settings[copyIndex()].addressPrefix]",
            "networkSecurityGroup": {
              "id": "[resourceId('Microsoft.Network/networkSecurityGroups', concat(parameters('nsgNameAffix'), parameters('subnets').settings[copyIndex()].name, variables('nsgNameSuffix')))]"
            }
          }
        }
      ]
    }
  }
}

我的 copyIndex 使用有什么问题以及在这种情况下应该如何使用它？

Answer 1

这是由于您正在使用的嵌套内联模板，我能够重现并且能够使用此示例模板来解决:

{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "subnets": {
            "type": "array",
            "defaultValue": [
                {
                    "name": "testo",
                    "addressPrefix": "10.0.0.0/24"
                },
                {
                    "name": "testo1",
                    "addressPrefix": "10.0.1.0/24"
                }
            ]
        }
    },
    "resources": [
        {
            "apiVersion": "2018-08-01",
            "name": "vnet-testo",
            "type": "Microsoft.Network/virtualNetworks",
            "location": "[resourceGroup().location]",
            "properties": {
                "addressSpace": {
                    "addressPrefixes": [
                        "10.0.0.0/16"
                    ]
                }
            }
        },
        {
            "apiVersion": "2015-06-15",
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[parameters('subnets')[copyIndex()].name]",
            "location": "[resourceGroup().location]",
            "copy": {
                "name": "nsg",
                "count": "[length(parameters('subnets'))]"
            },
            "properties": {
                "securityRules": []
            }
        },
        {
            "name": "NestedDeployment1",
            "type": "Microsoft.Resources/deployments",
            "apiVersion": "2015-01-01",
            "dependsOn": [
                "nsg",
                "vnet-testo"
            ],
            "properties": {
                "mode": "Incremental",
                "templateLink": {
                    "uri": "https://paste.ee/d/iCWEu/0",
                    "contentVersion": "1.0.0.0"
                },
                "parameters": {
                    "subnets": {
                        "value": "[parameters('subnets')]"
                    }
                }
            }
        }
    ]
}

基本上，我刚刚将您的模板转换为嵌套模板(不是内联)。

ps。查看我的副本定义，它比你的好一点。