为了将 Synapse 工作区连接到不同资源组中定义的 Azure 存储帐户和文件系统,必须在 ARM 模板中使用什么特定语法?
所需格式:
需要连接的存储组的资源id,格式为:
"/subscriptions/valid-subscription-id/resourceGroups/differentresourcegroupname/providers/Microsoft.Storage/storageAccounts/nameofstorageaccount"
错误信息:
我们收到的错误消息是:
C:\Users\me>az deployment group create --name mydeploymentname --resource-group newresourcegroup --template-file C:\\path\\to\\dir\\synapse.json --verbose --parameters C:\\path\\to\\dir\\keys.json
{"code": "InvalidTemplate", "message": "Deployment template validation failed: 'The template reference 'nameofstorageaccount' is not valid: could not find template resource or resource copy with this name. Please see https://aka.ms/arm-function-reference for usage details.'.", "additionalInfo": [{"type": "TemplateViolation", "info": {"lineNumber": 0, "linePosition": 0, "path": ""}}]}
Command ran in 2.649 seconds (init: 0.392, invoke: 2.257)
问题所在:
ARM 模板中定义错误语法的部分是:
"variables": {
...
"dlsName": "[toLower(concat('dls',parameters('companyTla'),parameters('deploymentType')))]",
"dlsFsName": "[toLower(concat(variables('dlsName'),'fs1'))]",
...
}
具体来说,我们需要如何更改前面块中的
dlsName
和 dlsFsName
变量定义,以便在不破坏 ARM 模板的情况下正确引用其他资源组中的存储帐户和文件系统?
有问题的资源部分:
Microsoft.Synapse/workspaces
资源定义中需要摄取正确形成的存储帐户和文件系统的部分是:
"defaultDataLakeStorage": {
"accountUrl": "[reference(variables('dlsName')).primaryEndpoints.dfs]",
"filesystem": "[variables('dlsFsName')]"
},
完整的最小手臂模板:
完整的ARM模板是:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"location": {
"type": "string",
"defaultValue": "[resourceGroup().location]",
"metadata": {
"description": "Location for your deployment."
}
},
"companyTla": {
"type": "string",
"metadata": {
"description": "This is a Three Letter Acronym for your company name. 'CON' for Contoso for example."
}
},
"allowAllConnections": {
"type": "string",
"defaultValue": "true"
},
"deploymentType": {
"type": "string",
"defaultValue": "poc"
},
"sqlAdministratorLogin": {
"type": "string",
"metadata": {
"description": "The username of the SQL Administrator"
}
},
"sqlAdministratorLoginPassword": {
"type": "securestring",
"metadata": {
"description": "The password for the SQL Administrator"
}
}
},
"variables": {
"synapseName": "[toLower(concat(parameters('companyTla'),parameters('deploymentType')))]",
"dlsName": "[toLower(concat('dls',parameters('companyTla'),parameters('deploymentType')))]",
"dlsFsName": "[toLower(concat(variables('dlsName'),'fs1'))]",
"workspaceName": "[toLower(concat(variables('synapseName'),'ws1'))]"
},
"resources": [
{
"type": "Microsoft.Synapse/workspaces",
"apiVersion": "2019-06-01-preview",
"name": "[variables('workspaceName')]",
"location": "[parameters('location')]",
"identity": {
"type": "SystemAssigned"
},
"properties": {
"defaultDataLakeStorage": {
"accountUrl": "[reference(variables('dlsName')).primaryEndpoints.dfs]",
"filesystem": "[variables('dlsFsName')]"
},
"sqlAdministratorLogin": "[parameters('sqlAdministratorLogin')]",
"sqlAdministratorLoginPassword": "[parameters('sqlAdministratorLoginPassword')]",
"managedVirtualNetwork": "default"
},
"resources": [
{
"condition": "[equals(parameters('allowAllConnections'),'true')]",
"type": "firewallrules",
"apiVersion": "2019-06-01-preview",
"name": "allowAll",
"location": "[parameters('location')]",
"dependsOn": [ "[variables('workspaceName')]" ],
"properties": {
"startIpAddress": "0.0.0.0",
"endIpAddress": "255.255.255.255"
}
},
{
"type": "firewallrules",
"apiVersion": "2019-06-01-preview",
"name": "AllowAllWindowsAzureIps",
"location": "[parameters('location')]",
"dependsOn": [ "[variables('workspaceName')]" ],
"properties": {
"startIpAddress": "0.0.0.0",
"endIpAddress": "0.0.0.0"
}
},
{
"type": "managedIdentitySqlControlSettings",
"apiVersion": "2019-06-01-preview",
"name": "default",
"location": "[parameters('location')]",
"dependsOn": [ "[variables('workspaceName')]" ],
"properties": {
"grantSqlControlToManagedIdentity": {
"desiredState": "Enabled"
}
}
}
]
}
]
}
我明白了:
"dlsName": "[toLower(concat('dls',parameters('companyTla'),parameters('deploymentType')))]",
"dlsFsName": "[toLower(concat(variables('dlsName'),'fs1'))]",
dlsName
是使用字符串和参数的串联构造的。这会产生名称,而不是资源 ID,这似乎不足以引用另一个资源组中的存储帐户。
并且:
"defaultDataLakeStorage": {
"accountUrl": "[reference(variables('dlsName')).primaryEndpoints.dfs]",
"filesystem": "[variables('dlsFsName')]"
},
ARM 模板尝试使用
variables('dlsName')
引用存储帐户。但是,由于 dlsName
不持有有效的资源 ID,因此它无法正确引用不同资源组中的存储帐户。 reference
函数需要同一部署模板中的资源 ID 或资源名称,但此处的情况并非如此。
来自 Azure 的错误消息证实了此问题:
"The template reference 'nameofstorageaccount' is not valid: could not find template resource or resource copy with this name."
dlsName
variable 应替换为对存储帐户资源 ID 的直接引用(我们称之为 dlsResourceId
),并且 dlsFsName
应正确引用文件系统的名称。
"variables": {
...
"dlsResourceId": "/subscriptions/valid-subscription-id/resourceGroups/differentresourcegroupname/providers/Microsoft.Storage/storageAccounts/nameofstorageaccount",
"dlsFsName": "yourFileSystemName", // Replace with your actual file system name
...
}
并更新
defaultDataLakeStorage
部分:
"defaultDataLakeStorage": {
"accountUrl": "[concat('https://', variables('dlsResourceId'), '.dfs.core.windows.net')]",
"filesystem": "[variables('dlsFsName')]"
},