此位置不应使用模板函数“引用" [英] The template function 'reference' is not expected at this location
问题描述
我正在尝试使用Microsoft.Resources/deploymentScripts在模板中执行脚本,但是我也在同一模板中声明由用户分配的身份
I'm trying to execute a script in my template using Microsoft.Resources/deploymentScripts, but also I'm trying to declare de user assigned identity in the same template
{
"type": "Microsoft.ManagedIdentity/userAssignedIdentities",
"name": "scriptIdentity",
"apiVersion": "2018-11-30",
"location": "[resourceGroup().location]"
},
{
"type": "Microsoft.Resources/deploymentScripts",
"apiVersion": "2019-10-01-preview",
"name": "updateAppServiceConfigMountPointScript",
"dependsOn": [
"[resourceId('Microsoft.Web/sites/config', parameters('appservice_name'), 'web')]",
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity')]",
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', parameters('storageAccounts_name'), 'default')]"
],
"location": "[resourceGroup().location]",
"kind": "AzurePowerShell",
"identity": {
"type": "userAssigned",
"userAssignedIdentities": {
"principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity'), '2019-08-01', 'full').identity.principalId]",
"clientId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity'), '2019-08-01', 'full').identity.clientId]"
}
},
"properties": {
"environmentVariables": [
{
"name": "account_name",
"value": "[parameters('storageAccounts_name')]"
},
{
"name": "app_name",
"value": "[parameters('appservice_name')]"
},
{
"name": "resource_group_name",
"value": "[resourceGroup().name]"
}
],
"scriptContent": "$access_key = ((az storage account keys list --account-name $account_name) | ConvertFrom-JSON).value[0]; az webapp config storage-account add --name \\\"$app_name\\\" --resource-group \\\"$resource_group_name\\\" --custom-id \\\"frontend\\\" --storage-type \\\"AzureBlob\\\" --account-name \\\"stelckstorageaccount\\\" --share-name \\\"frontend\\\" --mount-path \\\"/home/site/wwwroot/frontend\\\" --access-key \\\"$access_key\\\"",
"timeout": "PT1M",
"cleanupPreference": "OnSuccess"
}
模板在此部分中失败:
"userAssignedIdentities": {
"principalId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity'), '2019-08-01', 'full').identity.principalId]",
"clientId": "[reference(resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity'), '2019-08-01', 'full').identity.clientId]"
}
出现以下错误:
部署模板验证失败:"930"行和"9"列的模板资源"updateAppServiceConfigMountPointScript"无效:在此位置不应使用模板函数"reference".有关使用详细信息,请参见 https://aka.ms/arm-template-expressions .有关用法的详细信息,请参见 https://aka.ms/arm-template-expressions ..(代码:InvalidTemplate)
Deployment template validation failed: 'The template resource 'updateAppServiceConfigMountPointScript' at line '930' and column '9' is not valid: The template function 'reference' is not expected at this location. Please see https://aka.ms/arm-template-expressions for usage details.. Please see https://aka.ms/arm-template-expressions for usage details.'. (Code: InvalidTemplate)
如何在没有引用功能的情况下引用部署脚本中的已分配身份?
相关:'Microsoft.Web/sites/config'azureStorageAccounts由于500内部错误而失败
推荐答案
使用身份的resourceId,例如
Use the resourceId of the identity, e.g.
"userAssignedIdentities": {
"[resourceId('Microsoft.ManagedIdentity/userAssignedIdentities', 'scriptIdentity')]": {}
}
See https://github.com/Azure/azure-quickstart-templates/blob/master/201-deployment-script-ssh-key-gen/azuredeploy.json for a full sample.
这篇关于此位置不应使用模板函数“引用"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
