I had created resources including storage account using ARM template. Now i want to delete that storage account using arm template, and not other resource. I am using Linked Template design. Below is my masterAzureDeploy.json:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"templateBaseUrl": {
"type": "string"
},
"parameterBaseUrl": {
"type": "string"
},
"storageAccessToken": {
"type": "string"
}
},
"variables": {
"templateBaseUrl": "[parameters('templateBaseUrl')]",
"parameterBaseUrl": "[parameters('parameterBaseUrl')]",
"keyVaultDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'keyvaultdeploy.json')]",
"cosmosdbDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'cosmosdeploy.json')]",
"managedidentityDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'managedidentitydeploy.json')]",
"aurorapostgresDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'aurorapostgresdeploy.json')]",
"redisDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'redisdeploy.json')]",
"storageDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'storagedeploy.json')]",
"dnszoneDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'dnszonedeploy.json')]",
"bhnsgDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'bhnsgdeploy.json')]",
"rdnsgDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'rdnsgdeploy.json')]",
"dbnsgDeployTemplateUrl": "[uri(variables('templateBaseUrl'), 'dbnsgdeploy.json')]",
"apiVersionResourceDeployment": "[providers('Microsoft.Resources', 'deployments').apiVersions[0]]",
"keyVaultparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'keyvaultdeploy.parameters.json')]",
"cosmosdbparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'cosmosdeploy.parameters.json')]",
"managedidentityparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'managedidentitydeploy.parameters.json')]",
"aurorapostgresparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'aurorapostgresdeploy.parameters.json')]",
"redisparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'redisdeploy.parameters.json')]",
"storageparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'storagedeploy.parameters.json')]",
"dnszoneparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'dnszonedeploy.parameters.json')]",
"bhnsgparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'bhnsgdeploy.parameters.json')]",
"rdnsgparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'rdnsgdeploy.parameters.json')]",
"dbnsgparameterFileUrl": "[uri(variables('parameterBaseUrl'), 'dbnsgdeploy.parameters.json')]"
},
"resources": [
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "keyVaultDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('keyVaultDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('keyVaultparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "cosmosDBDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('cosmosdbDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('cosmosdbparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "storageDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('storageDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('storageparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "redisDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('redisDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('redisparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "aurorapostgresDeploy",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('aurorapostgresDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('aurorapostgresparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "managedIdentityDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('managedidentityDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('managedidentityparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "dnszoneDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('dnszoneDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('dnszoneparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "bhnsgDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('bhnsgDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('bhnsgparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "rdnsgDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('rdnsgDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('rdnsgparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
},
{
"apiVersion": "[variables('apiVersionResourceDeployment')]",
"name": "dbnsgDeployment",
"type": "Microsoft.Resources/deployments",
"properties": {
"templateLink": {
"uri": "[concat(variables('dbnsgDeployTemplateUrl'), parameters('storageAccessToken'))]"
},
"parametersLink": {
"uri": "[concat(variables('dbnsgparameterFileUrl'), parameters('storageAccessToken'))]"
}
}
}
]
}
And this is my storagedeploy.json
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"Project": {
"type": "string",
"metadata": {
"description": "Project name"
}
},
"Environment": {
"type": "string",
"metadata": {
"description": "Project name"
}
},
"location": {
"type": "string",
"metadata": {
"description": "Location for all resources."
}
},
"principalId": {
"type": "string",
"metadata": {
"description": "PrincipalId is Object Id of MSi created. Check Azure Active Directory. Ref https://stackoverflow.com/questions/56440883/arm-template-looking-up-a-user-object-id."
}
}
},
"variables": {
"storageAccountName": "[toLower(concat(parameters('Project'), parameters('Environment'), uniqueString(resourceGroup().id)))]"
},
"resources": [
{
"type": "Microsoft.Storage/storageAccounts",
"apiVersion": "2019-04-01",
"name": "[variables('storageAccountName')]",
"location": "[parameters('location')]",
"sku": {
"name": "Standard_LRS",
"tier": "Standard"
},
"kind": "StorageV2",
"properties": {
"networkAcls": {
"bypass": "AzureServices",
"virtualNetworkRules": [],
"ipRules": [],
"defaultAction": "Allow"
},
"supportsHttpsTrafficOnly": true,
"encryption": {
"services": {
"file": {
"enabled": true
},
"blob": {
"enabled": true
}
},
"keySource": "Microsoft.Storage"
},
"accessTier": "Hot"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices",
"apiVersion": "2019-04-01",
"name": "[concat(variables('storageAccountName'), '/default')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"cors": {
"corsRules": []
},
"deleteRetentionPolicy": {
"enabled": false
}
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers",
"apiVersion": "2019-04-01",
"name": "[concat(variables('storageAccountName'), '/default/project-test-dev-data-store-ue1')]",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('storageAccountName'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"publicAccess": "None"
}
},
{
"type": "Microsoft.Storage/storageAccounts/providers/roleAssignments",
"name": "[concat(variables('storageAccountName'),'/Microsoft.Authorization/',guid(subscription().subscriptionId))]",
"apiVersion": "2019-04-01-preview",
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts/blobServices', variables('storageAccountName'), 'default')]",
"[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
],
"properties": {
"roleDefinitionId": "[concat(resourceGroup().id, '/providers/Microsoft.Authorization/roleDefinitions/17d1049b-9a84-46fb-8f53-869881c3d3ab')]",
"principalId": "[parameters('principalId')]",
"scope": "[resourceId('Microsoft.Storage/storageAccounts', variables('storageAccountName'))]"
}
}
]
}
in command line , i am using --mode complete.
I tried with modifying the storagedeploy.json template, but it didn't worked:
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"Project": {
"type": "string",
"metadata": {
"description": "Project name"
}
},
"Environment": {
"type": "string",
"metadata": {
"description": "Project name"
}
},
"location": {
"type": "string",
"metadata": {
"description": "Location for all resources."
}
},
"principalId": {
"type": "string",
"metadata": {
"description": "PrincipalId is Object Id of MSi created. Check Azure Active Directory. Ref https://stackoverflow.com/questions/56440883/arm-template-looking-up-a-user-object-id."
}
}
},
"variables": {
"storageAccountName": "[toLower(concat(parameters('Project'), parameters('Environment'), uniqueString(resourceGroup().id)))]"
},
"resources": []
}
How to do it.
I believe the reason for the kind of behavior you are observing is because only root-level templates support the complete deployment mode. For linked or nested templates , you must use incremental mode. Subscription level deployments don't support complete mode. Currently, the portal doesn't support complete mode.
For more information, refer note available in this document.
So to accomplish your requirement you may have to not use linked or nested templates.
Hope this helps!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.