问题描述
我正在尝试在嵌套模板中部署函数应用(应用服务)、应用服务计划和 Azure 存储帐户,但是当我尝试部署时出现错误:
Status Message: The Resource 'Microsoft.Storage/storageAccounts/saaccountname389' under resource group '<null>' was not found. For more details please go to https://aka.ms/ARMResourceNotFoundFix (Code:ResourceNotFound)
导致模板失败的部分位于函数应用的属性中的 appSettings 中,它尝试列出存储帐户密钥。我见过的所有示例模板(包括 Azure 中的导出模板选项),按照我下面的代码使用 listKeys(resourceId('Microsoft.Storage/storageAccounts','storageaccountnamehere') 执行此操作:
"appSettings": [
{
"name": "AzureWebJobsstorage","value": "[concat('DefaultEndpointsProtocol=https;AccountName=',variables('Resources').FunctionStorageAccName,';AccountKey=',listKeys(resourceId('Microsoft.Storage/storageAccounts',variables('Resources').FunctionStorageAccName),'2019-06-01').keys[0].value,';EndpointSuffix=','core.windows.net')]"
},{
"name": "WEBSITE_CONTENTAZUREFILECONNECTIONSTRING",'core.windows.net')]"
}
我在我的模板和我见过的其他模板之间看到的唯一区别是,我的模板是嵌套的,我认为我可能没有在嵌套模板中正确使用 resourceId,但是我真的不知道我需要做什么不同的是,ms docs 没有指出增加太多清晰度:https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/scope-functions?tabs=azure-powershell。
我尝试了 resourceId 函数的许多变体,例如包括资源组名称、资源组名称和订阅 ID - 都返回略有不同的错误。
完整的嵌套模板如下:
{
"name": "data","type": "Microsoft.Resources/deployments","apiVersion": "2017-05-10","resourceGroup": "[variables('ResourceGroups').RGFunction]","dependsOn": [
"[resourceId('Microsoft.Resources/resourceGroups',variables('ResourceGroups').RGFunction)]"
],"properties": {
"mode": "Incremental","template": {
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","resources": [
{
"apiVersion": "2018-11-01","name": "[variables('Resources').FunctionName]","type": "Microsoft.Web/sites","kind": "functionapp","location": "[parameters('locationName')]","tags": {},"dependsOn": [
"[variables('Resources').FunctionASPName]","[variables('Resources').FunctionStorageAccName]"
],"properties": {
"name": "[variables('Resources').FunctionName]","siteConfig": {
"appSettings": [
{
"name": "FUNCTIONS_EXTENSION_VERSION","value": "~3"
},{
"name": "FUNCTIONS_WORKER_RUNTIME","value": "dotnet"
},{
"name": "AzureWebJobsstorage",{
"name": "WEBSITE_CONTENTSHARE","value": "[concat(toLower(variables('Resources').FunctionName),'a97a')]"
}
],"use32BitWorkerProcess": true
},"serverFarmId": "[concat('/subscriptions/',subscription().subscriptionId,'/resourcegroups/',variables('ResourceGroups').RGFunction,'/providers/Microsoft.Web/serverfarms/',variables('Resources').FunctionASPName)]","clientAffinityEnabled": false
}
},{
"apiVersion": "2018-11-01","name": "[variables('Resources').FunctionASPName]","type": "Microsoft.Web/serverfarms","kind": "","dependsOn": [],"properties": {
"name": "[variables('Resources').FunctionASPName]","workerSize": "[parameters('FunctionConfiguration').ASPworkerSize]","workerSizeId": "[parameters('FunctionConfiguration').ASPworkerSize]","numberOfWorkers": "[parameters('FunctionConfiguration').ASPnumberOfWorkers]"
},"sku": {
"Tier": "[parameters('FunctionConfiguration').ASPsku]","Name": "[parameters('FunctionConfiguration').ASPskuCode]"
}
},{
"apiVersion": "2019-06-01","type": "Microsoft.Storage/storageAccounts","name": "[variables('Resources').FunctionStorageAccName]","sku": {
"name": "Standard_lrs"
},"properties": {
"supportsHttpsTrafficOnly": true,"minimumTlsversion": "TLS1_2"
}
}
]
}
}
}
解决方法
您将嵌套模板范围划分为与父资源组不同的资源组。您的存储帐户似乎位于与要部署的功能不同的 RG 中。默认情况下,resourceId 函数假定资源与您进行模板部署的资源位于同一个 RG(在您的情况下 - 嵌套的)。
您需要在 resourceId 函数中指定存储帐户所在资源组的名称,或者将存储帐户密钥作为安全字符串参数传递到嵌套模板中。
顺便说一句 - 您是否考虑过将 Azure Bicep 用于 IaaC 而不是 ARM?