我正在使用 Bicep 部署标准逻辑应用程序。 我正在尝试设置“从选择的虚拟网络和 IP 地址启用”以及关联的“站点访问和规则” 下面的代码导致三个“公共网络访问”选项都没有被设置,所以我猜测它被设置为空。有人实现过这个吗?
resource logicApp 'Microsoft.Web/sites@2022-09-01' = {
name: logicAppName
location: location
kind: 'functionapp,workflowapp'
identity: {
type: 'SystemAssigned'
}
properties: {
serverFarmId: hostingPlan.id
virtualNetworkSubnetId: subnetLogicAppId
siteConfig: {
cors: {
allowedOrigins: [
'https://portal.azure.com'
]
}
ftpsState: 'Disabled'
minTlsVersion: '1.2'
use32BitWorkerProcess: false
netFrameworkVersion: '6.0'
functionsRuntimeScaleMonitoringEnabled: false
vnetRouteAllEnabled: true
**publicNetworkAccess: 'Enabled'
ipSecurityRestrictions: [
{
ipAddress: 'xxx.xxx.xxx.xxx/32'
action: 'Allow'
tag: 'Default'
priority: 300
name: 'laptop'
description: 'laptop IP'
}
{
ipAddress: 'Any'
action: 'Deny'
priority: 2147483647
name: 'Deny all'
description: 'Deny all access'
}
]
ipSecurityRestrictionsDefaultAction:'Deny'
scmIpSecurityRestrictions: [
{
ipAddress: 'Any'
action: 'Deny'
priority: 2147483647
name: 'Deny all'
description: 'Deny all access'
}
]
scmIpSecurityRestrictionsDefaultAction:'Deny'
scmIpSecurityRestrictionsUseMain: true**
}
httpsOnly: true
}
}
尝试设置“从选定的虚拟网络和 IP 地址启用”以及关联的“站点访问和规则”:
为了确保为逻辑应用正确配置公共网络访问,您需要将
PublicNetworkAccess
属性显式设置为 'Enabled'
。
publicNetworkAccess: 'Enabled'
启用它将在逻辑应用程序的
"Enabled from select virtual networks and IP addresses"
部分下选择所需的设置Networking
。
修改后的代码:
param logicAppName string = 'mydapsialsjd'
param location string = 'West Europe'
resource storage 'Microsoft.Storage/storageAccounts@2019-06-01' = {
name: 'stlogicenvironmentlatest'
location: location
kind: 'StorageV2'
sku: {
name: 'Standard_GRS'
}
properties: {
supportsHttpsTrafficOnly: true
minimumTlsVersion: 'TLS1_2'
}
}
resource plan 'Microsoft.Web/serverfarms@2021-02-01' = {
name: 'plan-logicnew'
location: location
sku: {
tier: 'WorkflowStandard'
name: 'WS1'
}
properties: {
}
}
resource logicApp 'Microsoft.Web/sites@2022-09-01' = {
name: logicAppName
location: location
kind: 'functionapp,workflowapp'
identity: {
type: 'SystemAssigned'
}
properties: {
serverFarmId: plan.id
siteConfig: {
cors: {
allowedOrigins: [
'https://portal.azure.com'
]
}
ftpsState: 'Disabled'
minTlsVersion: '1.2'
use32BitWorkerProcess: false
netFrameworkVersion: '6.0'
functionsRuntimeScaleMonitoringEnabled: false
vnetRouteAllEnabled: true
publicNetworkAccess: 'Enabled'
ipSecurityRestrictions: [
{
ipAddress: '10.0.0.0/32'
action: 'Allow'
tag: 'Default'
priority: 300
name: 'laptop'
description: 'laptop IP'
}
{
ipAddress: 'Any'
action: 'Deny'
priority: 2147483647
name: 'Deny all'
description: 'Deny all access'
}
]
ipSecurityRestrictionsDefaultAction:'Deny'
scmIpSecurityRestrictions: [
{
ipAddress: 'Any'
action: 'Deny'
priority: 2147483647
name: 'Deny all'
description: 'Deny all access'
}
]
scmIpSecurityRestrictionsDefaultAction:'Deny'
scmIpSecurityRestrictionsUseMain: true
}
httpsOnly: true
}
}
部署成功: