stackoom
  简体   繁体   中英

Adding cloninginfo property to arm template deployment slot resource breaks setting user defined managed identity on deployment slot

 原文  2020-11-06 11:53:34       azure/ azure-web-app-service/ arm-template

Question

I discovered something, and I think it's a bug in ARM templates.

I have a template that creates an app service, and creates a deployment slot. Now I wanted to make sure that the deployment slot cloned the appsettings from the parent app service, so I used the cloningInfo node to set the source app service for the clone. But once I did that, setting the user defined managed identity on the deployment slot stopped working, while it is present in the template. My (simplified) template:

resources: [
{
      "apiVersion": "2018-11-01",
      "name": "MyAppservice",
      "type": "Microsoft.Web/sites",
      "location": "[resourceGroup().location]",
      "kind": "app",
      "identity": {
        "type": "userAssigned",
        "userAssignedIdentities": {
          "<some id>": {}
         }
      }
},

{
  "type": "Microsoft.Web/sites/slots",
  "apiVersion": "2018-11-01",
  "name": "['MyAppservice','/secondslot')]",
  "location": "[resourceGroup().location]",
  "dependsOn": [
    "[resourceId('Microsoft.Web/sites', 'MyAppservice')]"
  ],
  "kind": "app",
  "identity": {
    "type": "userAssigned",
    "userAssignedIdentities": {
      "<some id>": {}
    },
   "properties": {
      "cloningInfo": {
      "sourceWebAppId": "[resourceId('Microsoft.Web/sites', 'MyAppservice')]"
    }
   }
  }

]

So when I deploy a template using the above basis, the user defined managed identity is not set on the deployment slot. When I remove the cloningInfo property, the user defined managed identity IS set, but the app settings of the parent app service are not copied.

Am I doing someting wrong here or is this a bug? I know that (for some reason) it is by design that use defined managed identities are not copied to deployment slots, so I would assume that when setting it manually while cloning from an existing app service, the cloning setting would not overwrite the user defined managed identity.

1 answers

solution1
 1 ACCPTED  2020-11-19 04:21:27

It's acknowledged that this is an issue currently where if cloning Info set, it's ignoring rest of the payload. Until it's fixed, workaround is to have 2 separate updates (one for cloning and one for MSI).

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question ARM Template - Deployment slot keyvault permissions Azure ARM Deployment slot - adding application settings How to specify slot for Web App deployment in Azure Resource template How to add a default function key with ARM template for a deployment slot in Azure Functions Azure Deployment Slots - adding permissions to the slot Azure Web App staging slot App Settings missing on ARM template deployment Custom Domain on Deployment Slot Enabling deployment slot New deployment slot for azure websites How to fix deployment failing to azure deployment slot?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM