托管证书天蓝色容器环境

问题描述 投票:0回答:1

我正在为我的 Azure 容器应用程序使用托管证书。我使用 Bicep 将资源部署到 Azure 中。但是,当我部署后续版本时,我收到以下错误(我已经编辑了资源的实际名称。:

":"另一个托管证书,主题名称为“redacted”,证书名称为“redacted”,可在环境“redacted”中使用”

下面是我的 Bicep 文件中用于部署应用程序环境的代码。有谁知道如何防止这种情况并确保证书创建是幂等的?:

param namePrefix string
param location string
param lawClientId string
param apiHostName string

@secure()
param lawClientSecret string

resource env 'Microsoft.App/managedEnvironments@2023-05-01' = {
  name: '${namePrefix}-env'
  location: location

  properties: {
    appLogsConfiguration: {
      destination: 'log-analytics'
      logAnalyticsConfiguration: {
        customerId: lawClientId
        sharedKey: lawClientSecret
      }
    }

  }
}

resource managedCert 'Microsoft.App/managedEnvironments/managedCertificates@2023-05-02-preview' = {
  parent: env
  location: location
  name: 'ta-cert'
  properties: {
    subjectName: apiHostName
    domainControlValidation: 'CNAME'
    
  }
}

output id string = env.id
output certificateId string = managedCert.id
azure ssl-certificate azure-bicep azure-container-apps
1个回答
0
投票

如何防止这种情况并确保证书创建是幂等的:

为了满足您的要求,我使用了

if(!resourceExists)
条件来检查托管证书是否已经存在。

修改后的代码:

param namePrefix string = 'xx'
param location string = resourceGroup().location
param apiHostName string = 'newh'
var  resourceExists= 'existed resource here'
param name string = 'jahnelaw'

resource law 'Microsoft.OperationalInsights/workspaces@2020-03-01-preview' = {
  name: name
  location: location
  properties: any({
    retentionInDays: 30
    features: {
      searchVersion: 1
    }
    sku: {
      name: 'PerGB2018'
    }
  })
}
output clientId string = law.properties.customerId
output clientSecret string = law.listKeys().primarySharedKey

resource env 'Microsoft.App/managedEnvironments@2023-05-01' = {
  name: '${namePrefix}-env'
  location: location

  properties: {
    appLogsConfiguration: {
      destination: 'log-analytics'
      logAnalyticsConfiguration: {
        customerId: law.properties.customerId
        sharedKey: law.listKeys().primarySharedKey
      }
    }

  }
}

resource managedCert 'Microsoft.App/managedEnvironments/managedCertificates@2023-05-02-preview' = if(!resourceExists){
  parent: env
  location: location
  name: 'ta-cert'
  properties: {
    subjectName: apiHostName
    domainControlValidation: 'CNAME'
    
  }
}

部署成功:

enter image description here

请参阅@Alex 的blog,了解其他类似的方法。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.