[英]Install multiple versions of cert from KV in Azure Resource Manager (ARM)
I'm using the secrets
part of osProfile
to install the certs I need from a given keyvault.我正在使用
osProfile
的secrets
部分从给定的密钥库安装我需要的证书。
It looks something like this:它看起来像这样:
"secrets": [
{
"sourceVault": {
"id": "[parameters('sourceVault')]"
},
"copy": [
{
"name": "vaultCertificates",
"count": "[length(variables('certificatesToInstall'))]",
"input": {
"certificateStore": "[variables('certificateStore')]",
"certificateUrl": "[reference(resourceId(parameters('subscriptionId'), parameters('resourceGroupName'), 'Microsoft.KeyVault/vaults/secrets', parameters('keyVaultName'), variables('certificatesToInstall')[copyIndex('vaultCertificates')]), '2016-10-01').secretUriWithVersion]"
}
}
]
}
]
Which worked fine.效果很好。 However now I need to make sure that more than one version of the same cert is installed on the machine (current one and the previous).
但是现在我需要确保机器上安装了同一证书的多个版本(当前版本和以前版本)。
Things I've tried:我尝试过的事情:
resourceId
function. This fails when deploying.resourceId
function。部署时失败。 Any idea on how to reference previous versions of a cert inside ARM file?关于如何在 ARM 文件中引用以前版本的证书有什么想法吗?
check the below code on how to define the variable with secret's resource id检查下面的代码,了解如何使用秘密的资源 ID 定义变量
"mySecretResourceId": "[concat(resourceGroup().id,'/providers/Microsoft.KeyVault/vaults/', variables('keyVaultName'), '/secrets/', 'my-secret-name')]"
Then below code can be used in your template然后可以在您的模板中使用以下代码
"certificateUrl": "[reference(variables('mySecretResourceId'), '2018-02-14').secretUriWithVersion]"
You can also go through this SO which is having related discussions.也可以通过这个正在讨论的SO go。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.