无法使用 ARM 模板创建 Azure RBAC 自定义角色
[英]Cannot create Azure RBAC custom role using ARM Template
问题描述
I am unable to spin up Azure RBAC Roles using ARM templates.
我无法使用 ARM 模板启动 Azure RBAC 角色。 As per my template the parameter "actions" would be of type Array.根据我的模板,参数“actions”将是 Array 类型。 It passes Validation but gives error during runtime.它通过了验证,但在运行时给出了错误。 It runs fine however when I am using type String, passing one single action item as parameter.但是,当我使用 String 类型时,它运行良好,将单个操作项作为参数传递。
{
"$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"roleName": {
"type": "string"
},
"description": {
"type": "string"
},
"rbacGuid": {
"type": "string"
},
"actions": {
"type": "Array"
}
},
"variables": {
},
"resources": [
{
"type": "Microsoft.Authorization/roleDefinitions",
"apiVersion": "2017-05-01",
"name": "[parameters('rbacGuid')]",
"properties": {
"roleName": "[parameters('roleName')]",
"IsCustom": true,
"Description": "[parameters('description')]",
"permissions": [
{
"Actions": [
"[parameters('actions')]"
],
"NotActions": []
}
],
"AssignableScopes": [
"[subscription().id]"
]
}
}
],
"outputs": {
}
} }
Error I got:我得到的错误:
az deployment sub create --location $location --template-file $templa ...
+ CategoryInfo : NotSpecified: (Deployment fail...0cea05be18f1. {:String) [], RemoteException
+ FullyQualifiedErrorId : NativeCommandError
"error": {
"code": "InvalidRequestContent",
"message": "The content of your request was not valid, and the original object could not be deserialized. Exception message: 'Unexpected character encountered while
parsing value: [.解析值:[. Path 'properties.permissions[0].Actions', line 1, position 160.'" } }路径 'properties.permissions[0].Actions',第 1 行,position 160.'" } }
1 个解决方案
解决方案1
0 2020-06-14 07:55:09
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.