在 Azure 资源管理器(ARM)中从 KV 安装多个版本的证书
[英]Install multiple versions of cert from KV in Azure Resource Manager (ARM)
问题描述
I'm using the secrets part of osProfile to install the certs I need from a given keyvault.
我正在使用osProfile的secrets部分从给定的密钥库安装我需要的证书。
It looks something like this:它看起来像这样:
"secrets": [
{
"sourceVault": {
"id": "[parameters('sourceVault')]"
},
"copy": [
{
"name": "vaultCertificates",
"count": "[length(variables('certificatesToInstall'))]",
"input": {
"certificateStore": "[variables('certificateStore')]",
"certificateUrl": "[reference(resourceId(parameters('subscriptionId'), parameters('resourceGroupName'), 'Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('certificatesToInstall')[copyIndex('vaultCertificates')]), '2016-10-01').secretUriWithVersion]"
}
}
]
}
]
Which worked fine.效果很好。 However now I need to make sure that more than one version of the same cert is installed on the machine (current one and the previous).但是现在我需要确保机器上安装了同一证书的多个版本(当前版本和以前版本)。
Things I've tried:我尝试过的事情:
- Listing a certificate to get its versions directly from ARM. There seems to be no support for this for generic KV as per the docs列出证书以直接从 ARM 获取其版本。根据文档,通用 KV 似乎不支持此操作
- Adding the full version of the cert to the
resourceIdfunction. This fails when deploying.将完整版本的证书添加到resourceIdfunction。部署时失败。
Any idea on how to reference previous versions of a cert inside ARM file?关于如何在 ARM 文件中引用以前版本的证书有什么想法吗?
1 个解决方案
解决方案1
0 2021-08-26 11:11:39
check the below code on how to define the variable with secret's resource id检查下面的代码,了解如何使用秘密的资源 ID 定义变量
"mySecretResourceId": "[concat(resourceGroup().id,'/providers/Microsoft.KeyVault/vaults/', variables('keyVaultName'), '/secrets/', 'my-secret-name')]"
Then below code can be used in your template然后可以在您的模板中使用以下代码
"certificateUrl": "[reference(variables('mySecretResourceId'), '2018-02-14').secretUriWithVersion]"
You can also go through this SO which is having related discussions.也可以通过这个正在讨论的SO go。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.