我的 keyvault 有如下的 Arm 模板,但部署后它不会执行任何操作。任何人都可以阐明吗?谢谢!
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Deny",
"ipRules": [],
"virtualnetworkRules": [
{
"id": "%RESOURCE_GROUP_NAME%/providers/Microsoft.Network/virtualNetworks/%RESOURCE_GROUP_NAME%-vnet/subnets/default",
"ignoreMissingVNetServiceEndpoint": false
}
]
}
最佳答案
如果您使用 ARM 模板,则应该是:
"networkAcls": {
"bypass": "AzureServices",
"defaultAction": "Deny",
"ipRules": [],
"virtualnetworkRules": [
{
"id": "/subscriptions/<azure sub id>/resourceGroups/<resource group name>/providers/Microsoft.Network/virtualNetworks/<vnet name>/subnets/<subnet name>",
"ignoreMissingVNetServiceEndpoint": false
}
]
}
如果您使用的是 AZ PowerShell,请尝试如下 Update-AzKeyVaultNetworkRuleSet
:
$vnetName = ''
$vnetRG = ''
$keyvaultName = ''
$myNetworkResId = (Get-AzVirtualNetwork -Name $vnetName -ResourceGroupName $vnetRG).Subnets[0].Id
Update-AzKeyVaultNetworkRuleSet -VaultName $keyvaultName -Bypass AzureServices -DefaultAction Deny -VirtualNetworkResourceId $myNetworkResId
我已经测试了它们,结果:
关于azure - 为 key 保管库的 virtualNetworkRules 添加 ARM 模板,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/67449375/