问题描述
我想通过管道流程创建Azure DevTest实验室VM。但是,当我开始部署时,它在“创建Azure DevTest Lab VM”步骤中失败,并且似乎是由于我的密钥库丢失所致。但是在检查了我的密钥库之后,我的秘密存储在其中了,并且权限应该没有问题。
不确定消息“未为用户设置秘密存储”。就是说,这是否意味着我的帐户和密钥库之间存在关联问题?我该如何验证?谢谢。
Win7entx64.json
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json","contentVersion": "1.0.0.0","parameters": {
"newVMName": {
"defaultValue": "win7entx64","type": "String"
},"labName": {
"defaultValue": "my_lab","size": {
"defaultValue": "Standard_A3","userName": {
"defaultValue": "trendkj","password": {
"type": "securestring","defaultValue": "[[[VmPassword]]"
}
},"variables": {
"labsubnetName": "[concat(variables('labVirtualNetworkName'),'subnet')]","labVirtualNetworkId": "[resourceId('Microsoft.DevTestLab/labs/virtualnetworks',parameters('labName'),variables('labVirtualNetworkName'))]","labVirtualNetworkName": "[concat('Dtl',parameters('labName'))]","vmId": "[resourceId ('Microsoft.DevTestLab/labs/virtualmachines',parameters('newVMName'))]","vmName": "[concat(parameters('labName'),'/',parameters('newVMName'))]"
},"resources": [
{
"type": "Microsoft.DevTestLab/labs/virtualmachines","apiVersion": "2018-10-15-preview","name": "[variables('vmName')]","location": "westus","properties": {
"labVirtualNetworkId": "[variables('labVirtualNetworkId')]","notes": "Windows 7 Enterprise","galleryImageReference": {
"offer": "windows-7","publisher": "microsoftwindowsdesktop","sku": "win7-enterprise","osType": "Windows","version": "latest"
},"size": "[parameters('size')]","userName": "[parameters('userName')]","password": "[parameters('password')]","isAuthenticationWithSshKey": false,"labsubnetName": "[variables('labsubnetName')]","disallowPublicIpAddress": true,"storageType": "Standard","allowClaim": false
}
}
],"outputs": {
"labVMId": {
"type": "String","value": "[variables('vmId')]"
}
}
}
我在密钥保管箱中的秘密:
密钥保管箱中的我的访问策略
解决方法
根据您对臂模板"defaultValue": "[[[VmPassword]]"
中的键值的引用,您应该使用secret saved in DevTest Lab。页面如下所示。
如果您要按照问题所示在“密钥库”页面中使用机密,则手臂模板中的引用应如下所示:
"sqlAdministratorLoginPassword": {
"reference": {
"keyVault": {
"id": "/subscriptions/25abd97b-44a3-4092-8337-xxxx/resourceGroups/mykeyvault/providers/Microsoft.KeyVault/vaults/cmkvtest"
},"secretName": "sqlpassword"
}
}
关于此内容,请参阅此artifact的“ 3.将密钥密钥秘密添加到您的手臂模板”部分。
,您是否缺少“]”?
[[[VmPassword]] --> [[[VmPassword]]]]