5

作为模板的一部分,我想检索 OMS / Operational Insights Workspace 的 SharedKeys,而不必将其作为参数传递。

这可能吗?我在这里关注文档

Microsoft.OperationalInsights/workspaces/资源提供者似乎没有任何list*提供者操作,我找不到其他任何参考:

Get-AzureRmProviderOperation -OperationSearchString *  | where {$_.Operation -like "*operational*sharedkeys*"} | FT Operation

Microsoft.OperationalInsights/workspaces/sharedKeys/action

我想要的用法:

"variables": { workspaceKey: "[listKeys(parameters('workspaceResourceId'), '2015-05-01-preview').primarySharedKey]" }

同时,假设这实际上不受支持,我在 Log Analytics UserVoice 站点上添加了一个请求

4

2 回答 2

5

根据 Ryan Jones[listKeys()]针对 OMS 工作区将按预期工作并返回一个带有primarySharedKey&secondarySharedKey属性的 JSON 对象:

"outputs": {
    "listKeys": {
        "value": "[listKeys(parameters('workspaceResourceId'), '2015-11-01-preview')]",
        "type": "object"
    }
}

产量:

{
    "primarySharedKey":"",
    "secondarySharedKey":""
}

重要警告:

listKeys() 不能在variablesARM 模板的部分中指定,因为它从运行时状态派生其值。

请参阅此博客文章,了解如何使用指定为资源的链接模板来检索输出值并将其分配给另一个资源中的属性。

或者,您可以直接使用它。这是我的最终模板:(
实际上不要将键保留在输出中!)

{
  "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "workspaceResourceId": { "type": "string" },
    "virtualMachines": { "type": "array" }
  },
  "variables": {
    "extensionType": {
      "Windows": "MicrosoftMonitoringAgent",
      "Linux": "OmsAgentForLinux"
    }
  },
  "resources": [
    {
      "copy": {
        "name": "VMMonitoringExtensionsCopy",
        "count": "[length(parameters('virtualMachines'))]"
      },
      "type": "Microsoft.Compute/virtualMachines/extensions",
      "apiVersion": "2015-05-01-preview",
      "location": "[parameters('virtualMachines')[copyIndex()].location]",
      "name": "[concat(parameters('virtualMachines')[copyIndex()].name, '/Microsoft.EnterpriseCloud.Monitoring')]",
      "properties": {
        "publisher": "Microsoft.EnterpriseCloud.Monitoring",
        "type": "[variables('extensionType')[parameters('virtualMachines')[copyIndex()].osType]]",
        "typeHandlerVersion": "1.0",
        "autoUpgradeMinorVersion": true,
        "settings": {
          "workspaceId": "[reference(parameters('workspaceResourceId'), '2015-11-01-preview').customerId]"
        },
        "protectedSettings": {
          "workspaceKey": "[listKeys(parameters('workspaceResourceId'), '2015-11-01-preview').primarySharedKey]"
        }
      }
    }
  ],
  "outputs": {
    "workspaceCustomerId": {
      "value": "[reference(parameters('workspaceResourceId'), '2015-11-01-preview').customerId]",
      "type": "string"
    },
    "workspacePrimarySharedKey": {
      "value": "[listKeys(parameters('workspaceResourceId'), '2015-11-01-preview').primarySharedKey]",
      "type": "securestring"
    },
    "workspaceSecondarySharedKey": {
      "value": "[listKeys(parameters('workspaceResourceId'), '2015-11-01-preview').secondarySharedKey]",
      "type": "securestring"
    }
  }
}

数组参数virtualMachines遵循此架构:

[
    { "name": "", "location": "", "osType": "" }
]
于 2016-05-25T16:48:36.400 回答
-1

listKeys 要求您输入资源类型。那么您尝试过吗?

"variables": { workspaceKey: "[listKeys(resourceId('Microsoft.OperationalInsights/workspaces', parameters('workspaceResourceId'), '2015-05-01-preview').primarySharedKey]" }

不幸的是,atm 在该资源的Azure 快速入门存储库中根本没有任何内容,所以我不能 100% 确定......

但是将它作为参数传递就可以了。您可以这样做...在您的部署脚本中,在运行 New-AzureRmResourceGroupDeployment 之前,创建/使用现有工作区,获取密钥,作为参数传入,在模板中创建 primarySharedKey 作为参数:

$workSpace = Get-AzureRmOperationalInsightsWorkspace -ResourceGroupName $RGName -Name $workSpaceName -ErrorAction SilentlyContinue
if($workSpace -eq $null){
New-AzureRmOperationalInsightsWorkspace -ResourceGroupName $RGName -Name $workSpaceName -Location $Location
}

$keys = Get-AzureRmOperationalInsightsWorkspaceSharedKeys -ResourceGroupName $RGName -Name $workSpaceName

New-AzureRmResourceGroupDeployment <other stuff here> -primarySharedKey $keys.PrimarySharedKey
于 2016-05-20T10:59:57.457 回答