Azure ARM 模板 vnet 对等不同订阅
[英]Azure ARM template vnet peering different subscriptions
原文
2021-12-14 07:06:30
0
1
azure/
azure-resource-manager/
arm-template/
azure-template/
azure-subscription
问题描述
我正在尝试对不同订阅(集线器和辐条模型)中的现有 vnet 进行 vnet 对等。 我想动态地提供订阅 ID(不是硬编码)。 我知道我们可以将 susbcription().id 用于相同的订阅,但是对于不同的订阅,function 是什么
1 个解决方案
解决方案1
0 2021-12-14 09:29:51
正如评论中提到的,当您在订阅 A 中部署模板时,没有 function 来获取订阅 B id。您必须手动提供本Microsoft Document中提到的订阅 B id。
例子:
您可以使用以下模板在不同订阅中对 VNET 进行 vnet 对等互连:
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/managementGroupDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"vnetAName": {
"type": "string",
"defaultValue":"ansuman-vnet",
"metadata": {
"description": "Name of the first VNET"
}
},
"vnetBName": {
"type": "string",
"defaultValue":"vnet-ansuman",
"metadata": {
"description": "Name of the Second VNET"
}
},
"vnetAPrefix": {
"type": "string",
"defaultValue": "10.0.0.0/16",
"metadata": {
"description": "Prefix of the first VNET"
}
},
"vnetBPrefix": {
"type": "string",
"defaultValue": "10.1.0.0/16",
"metadata": {
"description": "Prefix of the Second VNET"
}
},
"subscriptionAID": {
"type": "string",
"metadata": {
"description": "the Subscription ID for the first VNET"
},
"defaultValue": "subA"
},
"resourceGroupAName": {
"type": "string",
"defaultValue": "ansumantest",
"metadata": {
"description": "the resource group name for the first VNET"
}
},
"subscriptionBID": {
"type": "string",
"defaultValue": "subB",
"metadata": {
"description": "the Subscription ID for the second VNET"
}
},
"resourceGroupBName": {
"type": "string",
"defaultValue": "rgB",
"metadata": {
"description": "the resource group name for the second VNET"
}
},
"location": {
"type": "string",
"defaultValue": "West US 2"
}
},
"variables": {
"vnetAtoVnetBPeeringName": "[concat(parameters('vnetAName'),'-to-',parameters('vnetBName'))]",
"vnetBtoVnetAPeeringName": "[concat(parameters('vnetBName'),'-to-',parameters('vnetAName'))]"
},
"resources": [
{
"apiVersion": "2020-06-01",
"name": "createPeeringAtoB",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionAID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromA",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetAName'), '/', variables('vnetAtoVnetBPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionBID'),'/resourceGroups/',parameters('resourceGroupBName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetBName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetBPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
},
{
"apiVersion": "2020-06-01",
"name": "createPeeringBtoA",
"type": "Microsoft.Resources/deployments",
"location": "[parameters('location')]",
"subscriptionId": "[parameters('subscriptionBID')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/subscriptionDeploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {},
"variables": {},
"resources": [
{
"type": "Microsoft.Resources/deployments",
"apiVersion": "2020-06-01",
"name": "createNetworkPeeringfromB",
"location": "[parameters('location')]",
"properties": {
"mode": "Incremental",
"template": {
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"resources": [
{
"type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
"apiVersion": "2020-05-01",
"name": "[concat(parameters('vnetBName'), '/', variables('vnetBtoVnetAPeeringName'))]",
"properties": {
"peeringState": "Connected",
"remoteVirtualNetwork": {
"id": "[concat('/subscriptions/',parameters('subscriptionAID'),'/resourceGroups/',parameters('resourceGroupAName'),'/providers/Microsoft.Network/virtualNetworks/', parameters('vnetAName'))]"
},
"allowVirtualNetworkAccess": true,
"allowForwardedTraffic": true,
"allowGatewayTransit": false,
"useRemoteGateways": false,
"remoteAddressSpace": {
"addressPrefixes": [
"[parameters('vnetAPrefix')]"
]
}
}
}
]
}
}
}
]
}
}
}
],
"outputs": {
}
}
Output:
注意:如果您将上述代码部署到订阅 A,那么您可以将"[parameters('subscriptionAID')]"替换为subscription().id ,类似地,如果您将其部署到订阅 B,那么您可以替换"[parameters('subscriptionBID')]"到subscription().id 。 由于subscription().id仅采用当前订阅的值,即模板部署到的位置。
多个 Vnet 之间的 Vnet 对等互连通过 ARM 模板存在于不同的不同资源组中
[英]Vnet Peering Between Multiple Vnets are present in Different Different Resource Groups through ARM template
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.