堆栈内存溢出
  简体   繁体   English

使用DSC进行Azure VM部署-将参数传递给配置

[英]Azure VM deployment with DSC - Passing parameter to configuration

 原文  2019-06-06 00:35:01       azure/ powershell/ automation/ dsc

问题描述

I am working on my first AzureRM/DSC template project by customizing the Azure deployment templates found here: https://github.com/Azure/azure-quickstart-templates/tree/master/201-vmss-automation-dsc 我正在通过自定义位于以下位置的Azure部署模板来处理我的第一个AzureRM / DSC模板项目: https : //github.com/Azure/azure-quickstart-templates/tree/master/201-vmss-automation-dsc

As part of that, I modified WindowsIISServerConfig.ps1 to add some Windows features and the ability to download a certificate and install it. 作为其中的一部分,我修改了WindowsIISServerConfig.ps1以添加一些Windows功能以及下载证书和安装证书的功能。 The problem is I don't know how to pass the credential for the certificate into this configuration. 问题是我不知道如何将证书的凭据传递到此配置中。

Here is my code...how can I pass in the $certPass parameter?: 这是我的代码...如何传递$certPass参数?: 

configuration WindowsIISServerConfig
{

    param
    (
        [Parameter(Mandatory = $true)]
        [ValidateNotNullorEmpty()]
        [System.Management.Automation.PSCredential]
        $certPass
    )

    Import-DscResource -ModuleName 'xWebAdministration'
    Import-DscResource -ModuleName 'xPSDesiredStateConfiguration'
    Import-DscResource -ModuleName 'CertificateDsc'
    Import-DscResource -ModuleName 'PSDesiredStateConfiguration'    

    WindowsFeature WebServer
    {
        Ensure  = 'Present'
        Name    = 'Web-Server'
    }

    WindowsFeature WebManagement
    {
        Ensure  = 'Present'
        Name    = 'Web-Mgmt-Console'
        DependsOn = '[WindowsFeature]WebServer'
    }

    WindowsFeature WebASPNet47
    {
        Ensure  = 'Present'
        Name    = 'Web-Asp-Net45'
        DependsOn = '[WindowsFeature]WebServer'
    }

    WindowsFeature WebNetExt
    {
        Ensure  = 'Present'
        Name    = 'Web-Net-Ext45'
        DependsOn = '[WindowsFeature]WebServer'
    }

    # IIS Site Default Settings
    xWebSiteDefaults SiteDefaults
    {
        ApplyTo                 = 'Machine'
        LogFormat               = 'IIS'
        LogDirectory            = 'C:\inetpub\logs\LogFiles'
        TraceLogDirectory       = 'C:\inetpub\logs\FailedReqLogFiles'
        DefaultApplicationPool  = 'DefaultAppPool'
        AllowSubDirConfig       = 'true'
        DependsOn               = '[WindowsFeature]WebServer'
    }

    # IIS App Pool Default Settings
    xWebAppPoolDefaults PoolDefaults
    {
       ApplyTo               = 'Machine'
       ManagedRuntimeVersion = 'v4.0'
       IdentityType          = 'ApplicationPoolIdentity'
       DependsOn             = '[WindowsFeature]WebServer'
    }

    # Get SSL cert file from Azure Storage using SAS URI
    xRemoteFile CertPfx
    {
        Uri = "https://example.blob.core.windows.net/resources/cert.pfx?sp=r&st=2019-06-02T22:00:11Z&se=2019-07-03T06:00:11Z&spr=https&sv=2018-03-28&sig=xxxxxx&sr=b"
        DestinationPath = "C:\temp\cert.pfx"
    }

    # Import the PFX file which was downloaded to local path
    PfxImport ImportCertPFX
    {
        Ensure     = "Present"
        DependsOn  = "[xRemoteFile]CertPfx"
        Thumbprint = "c124bf740b256316bd756g689140d6ff3dcdd65f"
        Path       = "c:\temp\cert.pfx"
        Location   = "LocalMachine"
        Store      = "WebHosting"
        Credential = $certPass
    }

}

2 个解决方案

解决方案1
 1  2019-06-06 05:14:56

If you are using templates you can follow this example. 如果使用模板,则可以按照以下示例操作。 In short you need to create a credential variable: 简而言之,您需要创建一个凭证变量: 

    {
      "name": "[concat(parameters('accountName'), '/', parameters('variableName')) ]",
      "type": "microsoft.automation/automationAccounts/Variables",
      "apiVersion": "2015-01-01-preview",
      "tags": { },
      "dependsOn": [ xxx ],
      "properties": {
        "isEncrypted": 0,
        "type": "[parameters('variableType')]",
        "value": "[parameters('variableValue')]"
      }
    },

and reference it when you compile it will get the variable value automatically if you do this in the code: 并在编译时引用它,如果在代码中执行此操作 ,它将自动获得变量值: 

$domainCreds = Get-AutomationPSCredential -Name 'domainCreds'

I think, alternatively, you can just pass them in to the properties.parameters field ( description ), ah wait, you are talking about credentials, I'm not sure that is supported. 我认为,或者,您可以将它们传递给properties.parameters字段( description ),啊,等等,您在谈论凭据,我不确定是否支持。

解决方案2
 0  2019-06-06 07:03:56

You're solution seems to be pretty vaild, based on the official CertificateDsc repository: https://github.com/PowerShell/CertificateDsc/blob/dev/Examples/Resources/PfxImport/2-PfxImport_InstallPFX_Config.ps1 根据官方的CertificateDsc存储库,您的解决方案似乎无效: https : //github.com/PowerShell/CertificateDsc/blob/dev/Examples/Resources/PfxImport/2-PfxImport_InstallPFX_Config.ps1

Did you get any errors out of running this? 您从运行此程序中得到任何错误吗?

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Azure ARM模板部署中的DSC ConfigurationData参数 - DSC ConfigurationData parameter in Azure ARM template deployment 使用Terraform部署期间在Azure VM上安装DSC扩展的问题 - Issue with install DSC extension on Azure VM during deployment using Terraform 是否可以通过 ARM 模板将分配的 Azure DSC 配置更新到 VM? - Is it possible to update the assigned Azure DSC configuration to a VM via ARM Template? Azure DSC配置问题 - Azure DSC Configuration Issue Azure自动化DSC-在DSC配置中使用PSCredential - Azure Automation DSC - Using PSCredential in DSC Configuration Runbook的Azure DSC配置 - Azure DSC Configuration from Runbooks 如何使用 azure 中的 Desired state 配置 (DSC) 在 VM 中安装 Google chrome? - How to install Google chrome in VM using Desired state configuration (DSC) in azure? 通过ARM模板运行DSC配置之前,请配置Azure VM LCM - Configure Azure VM LCM before running DSC Configuration via ARM template 如何在 Azure 中使用所需的 state 配置 (DSC) 进行 windows VM 的代理设置? - How to make the proxy settings of a windows VM by using desired state configuration (DSC) in Azure? Azure DSC 将文件从存储上传到 VM? - Azure DSC upload a file from storage to VM?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM