azure - 使用 DSC 部署 Azure VM - 将参数传递给配置
问题描述
我正在通过自定义此处找到的 Azure 部署模板来开发我的第一个 AzureRM/DSC 模板项目:https ://github.com/Azure/azure-quickstart-templates/tree/master/201-vmss-automation-dsc
作为其中的一部分,我进行了修改WindowsIISServerConfig.ps1
以添加一些 Windows 功能以及下载和安装证书的能力。问题是我不知道如何将证书的凭据传递到此配置中。
这是我的代码...如何传入$certPass
参数?:
configuration WindowsIISServerConfig
{
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullorEmpty()]
[System.Management.Automation.PSCredential]
$certPass
)
Import-DscResource -ModuleName 'xWebAdministration'
Import-DscResource -ModuleName 'xPSDesiredStateConfiguration'
Import-DscResource -ModuleName 'CertificateDsc'
Import-DscResource -ModuleName 'PSDesiredStateConfiguration'
WindowsFeature WebServer
{
Ensure = 'Present'
Name = 'Web-Server'
}
WindowsFeature WebManagement
{
Ensure = 'Present'
Name = 'Web-Mgmt-Console'
DependsOn = '[WindowsFeature]WebServer'
}
WindowsFeature WebASPNet47
{
Ensure = 'Present'
Name = 'Web-Asp-Net45'
DependsOn = '[WindowsFeature]WebServer'
}
WindowsFeature WebNetExt
{
Ensure = 'Present'
Name = 'Web-Net-Ext45'
DependsOn = '[WindowsFeature]WebServer'
}
# IIS Site Default Settings
xWebSiteDefaults SiteDefaults
{
ApplyTo = 'Machine'
LogFormat = 'IIS'
LogDirectory = 'C:\inetpub\logs\LogFiles'
TraceLogDirectory = 'C:\inetpub\logs\FailedReqLogFiles'
DefaultApplicationPool = 'DefaultAppPool'
AllowSubDirConfig = 'true'
DependsOn = '[WindowsFeature]WebServer'
}
# IIS App Pool Default Settings
xWebAppPoolDefaults PoolDefaults
{
ApplyTo = 'Machine'
ManagedRuntimeVersion = 'v4.0'
IdentityType = 'ApplicationPoolIdentity'
DependsOn = '[WindowsFeature]WebServer'
}
# Get SSL cert file from Azure Storage using SAS URI
xRemoteFile CertPfx
{
Uri = "https://example.blob.core.windows.net/resources/cert.pfx?sp=r&st=2019-06-02T22:00:11Z&se=2019-07-03T06:00:11Z&spr=https&sv=2018-03-28&sig=xxxxxx&sr=b"
DestinationPath = "C:\temp\cert.pfx"
}
# Import the PFX file which was downloaded to local path
PfxImport ImportCertPFX
{
Ensure = "Present"
DependsOn = "[xRemoteFile]CertPfx"
Thumbprint = "c124bf740b256316bd756g689140d6ff3dcdd65f"
Path = "c:\temp\cert.pfx"
Location = "LocalMachine"
Store = "WebHosting"
Credential = $certPass
}
}
解决方案
如果您使用模板,则可以按照此示例进行操作。简而言之,您需要创建一个凭证变量:
{
"name": "[concat(parameters('accountName'), '/', parameters('variableName')) ]",
"type": "microsoft.automation/automationAccounts/Variables",
"apiVersion": "2015-01-01-preview",
"tags": { },
"dependsOn": [ xxx ],
"properties": {
"isEncrypted": 0,
"type": "[parameters('variableType')]",
"value": "[parameters('variableValue')]"
}
},
并在编译时引用它,如果您在代码中执行此操作,它将自动获取变量值:
$domainCreds = Get-AutomationPSCredential -Name 'domainCreds'
我认为,或者,您可以将它们传递给 properties.parameters 字段(描述),等等,您在谈论凭据,我不确定是否支持。
推荐阅读
- python - 在旧版 (EOL) SNI 上安装 certbot-auto 时出现加密 403 错误是必需的错误
- java - java - 如何使Java Rest API在前半部分处理后返回响应,然后在返回响应后继续下半部分?
- php - Gitlab CI 和 php 版本
- modal-dialog - modal ionic 1 中的 appery.io 固定组件
- c++ - 一种检查 is_explicitly_constructible 的方法
- css - CSS 值更改触发的 CSS 动画
- nunit - 无法通过控制台运行我的 SpecFlow 功能代码
- css - 媒体查询的网格参数
- html - CSS Sticky 属性在此演示中不起作用
- javascript - 当我将注意力集中在下拉空格上时,不会打开我的下拉菜单