我使用 Key Vault 引用通过 ARM 模板在应用服务的应用程序设置中设置 Key Vault 中的 secret ,如下所示:
{
"variables": {
"secretA": "secretA",
"secretB": "secretB"
},
"resources": [
{
"apiVersion": "",
"type": "Microsoft.Web/sites",
"name": "",
"location": "",
"kind": "",
"properties": {
"serverFarmId": "",
"clientAffinityEnabled": false,
"siteConfig": {},
"httpsOnly": true
},
"identity": {
"type": "SystemAssigned"
},
"resources": [
{
"apiVersion": "2018-02-01",
"name": "appsettings",
"type": "config",
"dependsOn": [
"[resourceId('Microsoft.Web/sites', parameters('name'))]",
"[resourceId('Microsoft.KeyVault/vaults/', parameters('keyVaultName'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretA'))]",
"[resourceId('Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('secretB'))]"
],
"properties": {
"secretA": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretA')).secretUriWithVersion, ')')]",
"secretB": "[concat('@Microsoft.KeyVault(SecretUri=', reference(variables('secretB')).secretUriWithVersion, ')')]"
}
}
]
}
]
}
使用上面的代码,我看到以下错误:
##[错误]InvalidTemplate:部署模板验证失败:“模板引用“secretA”无效:找不到具有此名称的模板资源或资源副本。”
最佳答案
如果您想引用现有资源,您需要提供 API 版本:
reference(variables('secretA'), '2019-09-01').secretUriWithVersion
您可以通过以下方式获取 api 版本:
( Get-AzResourceProvider -ProviderNamespace 'Microsoft.KeyVault' ).ResourceTypes | ft ResourceTypeName, ApiVersions
关于azure - 通过 ARM 模板将 Key Vault 引用用于应用服务,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/62492843/