azure - 带有存储和 Cosmos Db 连接字符串的 Azure ARM 模板
问题描述
我希望有人知道如何做到这一点。我已经设置了一个 ARM 模板,它可以在我执行 CI/CD 时创建我的资源,这很棒。我什至设法设置了一个连接字符串:
"ConnectionStrings:ConnectionString": "[concat('Data Source=tcp:', reference(concat('Microsoft.Sql/servers/', variables('name'))).fullyQualifiedDomainName, ',1433;Initial Catalog=', variables('sqlMasterName'), ';User Id=', variables('sqlServerUser'), '@', reference(concat('Microsoft.Sql/servers/', variables('name'))).fullyQualifiedDomainName, ';Password=', variables('sqlServerPassword'), ';')]",
变量sqlServerPassword是由此随机生成的:
"sqlServerPassword": "[concat('P', uniqueString(resourceGroup().id, '224F5A8B-51DB-46A3-A7C8-59B0DD584A41'), 'x', '!')]",
考虑到这一点,有谁知道我如何为存储帐户和 azure cosmos db 做同样的事情?好像不太一样。
我用于创建存储帐户的模板如下所示:
{
"apiVersion": "2018-11-01",
"type": "Microsoft.Storage/storageAccounts",
"name": "[variables('name')]",
"location": "[variables('location')]",
"tags": {
"displayName": "SXP storage"
},
"kind": "Storage",
"sku": {
"name": "Standard_LRS"
}
},
其中没有提到密码等。另外,对于我的 CosmosDb,我也有同样的问题:
{
"name": "[variables('name')]",
"type": "Microsoft.DocumentDB/databaseAccounts",
"apiVersion": "2015-04-08",
"location": "[variables('location')]",
"tags": {
"displayName": "Cosmos DB Account"
},
"properties": {
"locations": "[variables('locations')]",
"databaseAccountOfferType": "Standard"
}
},
{
"name": "[concat(variables('name'), '/sql/', variables('cosmosMasterName'))]",
"type": "Microsoft.DocumentDB/databaseAccounts/apis/databases",
"apiVersion": "2016-03-31",
"dependsOn": [
"[resourceId('Microsoft.DocumentDB/databaseAccounts/', variables('name'))]"
],
"properties": {
"resource": {
"id": "[variables('cosmosMasterName')]"
},
"options": { "throughput": "[variables('cosmosMasterThroughPut')]" }
}
},
{
"name": "[concat(variables('name'), '/sql/', variables('cosmosMasterName'), '/', variables('cosmosContainerName'))]",
"type": "Microsoft.DocumentDb/databaseAccounts/apis/databases/containers",
"apiVersion": "2016-03-31",
"dependsOn": [ "[resourceId('Microsoft.DocumentDB/databaseAccounts/apis/databases', variables('name'), 'sql', variables('cosmosMasterName'))]" ],
"properties": {
"resource": {
"id": "[variables('cosmosContainerName')]",
"partitionKey": {
"paths": [
"/gtin"
],
"kind": "Hash"
},
"indexingPolicy": {
"indexingMode": "consistent",
"includedPaths": [
{
"path": "/*"
}
]
}
}
}
},
{
"name": "[concat(variables('name'), '/sql/', variables('cosmosDevelopName'))]",
"type": "Microsoft.DocumentDB/databaseAccounts/apis/databases",
"apiVersion": "2016-03-31",
"dependsOn": [
"[resourceId('Microsoft.DocumentDB/databaseAccounts/', variables('name'))]"
],
"properties": {
"resource": {
"id": "[variables('cosmosDevelopName')]"
},
"options": { "throughput": "[variables('cosmosDevelopThroughPut')]" }
}
},
{
"name": "[concat(variables('name'), '/sql/', variables('cosmosDevelopName'), '/', variables('cosmosContainerName'))]",
"type": "Microsoft.DocumentDb/databaseAccounts/apis/databases/containers",
"apiVersion": "2016-03-31",
"dependsOn": [ "[resourceId('Microsoft.DocumentDB/databaseAccounts/apis/databases', variables('name'), 'sql', variables('cosmosDevelopName'))]" ],
"properties": {
"resource": {
"id": "[variables('cosmosContainerName')]",
"partitionKey": {
"paths": [
"/gtin"
],
"kind": "Hash"
},
"indexingPolicy": {
"indexingMode": "consistent",
"includedPaths": [
{
"path": "/*"
}
]
}
}
}
}
如果有人可以提供帮助,那就太好了。
解决方案
David Makogon 在现场,但有一种方法可以在 ARM 模板中检索存储帐户和 CosmosDB 生成的密钥和连接字符串。使用 ARM ListKeys函数。
这是我自己的 ARM 模板之一的示例。这是 Azure 函数中的一个应用设置,我在其中引用了存储帐户生成的密钥:
{
"name": "StorageConnectionString",
"value": "[concat('DefaultEndpointsProtocol=https;AccountName=', variables('storageAccountName'), ';AccountKey=', listKeys(resourceId(variables('InfrastructureResourceGroupName'), 'Microsoft.Storage/storageAccounts', variables('storageAccountName')), '2015-05-01-preview').key1)]"
},
请注意,如果您的存储帐户在同一个资源组中,我相信您可以省略 ListKeys 的第一个参数。
获取 CosmosDB 数据库的密钥非常相似。如果你遇到困难,请告诉我,我也会挖掘这个例子。