子网的二头肌模板问题

问题描述 投票:0回答:2

我在 RG1 中有一个现有的 vnet 和路由表。所有其他资源都在 RG2 中。

我正在创建一个子网二头肌,它将被称为模块,并且它必须与 vnet 和路由表关联。

子网二头肌

//parameters
//variables

resource vnetRef 'Microsoft.Network/virtualNetworks@2023-09-01' = {
  name: vnetId
}

resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-09-01' = {
  name: subnetName
  parent: vnetRef
  properties: {
    addressPrefix: subnetPrefix
    routeTable: {
      id: routeTableId
    }          
  }
}

output subnetId string = subnet.id

主要二头肌

resource vnet 'Microsoft.Network/virtualNetworks@2023-09-01' existing = {
  name: '${appAcronym}-${subscriptionName}-vnet'
  scope: resourceGroup(sharedScopeRG)
}

resource routeTable 'Microsoft.Network/routeTables@2023-09-01' existing = {
  name: routeTableName
  scope: resourceGroup(sharedScopeRG)
}

module subnetModule '../AnotherRepo/subnet.bicep' = {
  name: 'subnetModule'
  scope: resourceGroup(rgName)
  params: {
    name: subnetName
    subnetPrefix: subnetAddressSpace
    vnetId: vnet.id
    routeTableId: routeTable.id
    //other params for subnet bicep
  }
}

失败,并显示“Microsoft.Network/virtualNetworks”类型的模板资源“/subscriptions/subid/resourceGroups/RG1/providers/Microsoft.Network/virtualNetworks/myVnet”在“1”行和“1739”列的段长度不正确。嵌套资源类型的段数必须与其资源名称相同。根资源类型的段长度必须比其资源名称大一。请参阅 https://aka.ms/arm-syntax-resources 了解使用详情。'.

然后,我在调用子网 bicep 时传递了 vnet.name 而不是 vnet.id,然后收到以下错误:策略不允许资源“myVnet”。错误类型:PolicyViolation,策略定义名称:允许的位置,策略分配名称:.

这意味着在调用子网模块时它正在尝试创建 vnet。我尝试了多种推荐方式,但都没有成功。

azure azure-resource-manager azure-virtual-network azure-bicep
2个回答
1
投票

首先,您应该在 vnet 资源内部署子网。 否则,如果重新运行 vnet 模块,则 vnet 模块中未定义的现有子网将被销毁(请参阅相关帖子)。

在子网模块中,您需要使用 

existing
关键字来引用现有的 vnet:

// subnet.bicep
param vnetName string
param subnetName string
param subnetPrefix string
param routeTableId string

resource vnetRef 'Microsoft.Network/virtualNetworks@2023-09-01' existing = {
  name: vnetName
}

resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-09-01' = {
  parent: vnetRef
  name: subnetName  
  properties: {
    addressPrefix: subnetPrefix
    routeTable: {
      id: routeTableId
    }   
  }
}

output subnetId string = subnet.id

从主文件调用子网模块时,该模块的范围必须是 vnet 资源组的范围:

param appAcronym string
param subscriptionName string
param sharedScopeRG string
param routeTableName string
param subnetName string
param subnetAddressSpace string

resource vnet 'Microsoft.Network/virtualNetworks@2023-09-01' existing = {
  name: '${appAcronym}-${subscriptionName}-vnet'
  scope: resourceGroup(sharedScopeRG)
}

resource routeTable 'Microsoft.Network/routeTables@2023-09-01' existing = {
  name: routeTableName
  scope: resourceGroup(sharedScopeRG)
}

module subnetModule 'subnet.bicep' = {
  name: 'subnetModule'
  scope: resourceGroup(sharedScopeRG) // scope should be the scope of the vnet resource group
  params: {
    subnetName: subnetName
    vnetName: vnet.name
    subnetPrefix: subnetAddressSpace
    routeTableId: routeTable.id
  }
}
0
投票
resource vnet 'Microsoft.Network/virtualNetworks@2023-09-01' existing = {
  name: '${appAcronym}-${subscriptionName}-vnet'
  scope: resourceGroup(myRG)
}

module subnetModule '/subnet.bicep' = {
  name: '${prefixRName}-snetModule'
  scope: resourceGroup(myRG)
  params: {
    name: 
    subnetPrefix: 
    vnetName: vnet.name
  }
}

param name string
param vnetName string

var subnetName = '${vnetName}/${name}'

resource subnet 'Microsoft.Network/virtualNetworks/subnets@2023-09-01' = {
  name: subnetName
  properties: {
    addressPrefix: //param for address            
  }
}

output subnetId string = subnet.id
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.