0

我有以下脚本,这是我用来部署 vnet 的脚本的一部分。但是它无法创建 vnet,知道我哪里可能出错了吗?

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "client": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Client name - max 3 chars"
      }
    },
    "environment": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Environment name - max 3 chars"
      }
    },
    "businessUnit": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "Business Unit name - max 3 chars"
      }
    },
    "appName": {
      "type": "string",
      "maxLength": 3,
      "metadata": {
        "description": "App name - max 3 chars"
      }
    },
    "addressPrefix": {
      "type": "string",
      "metadata": {
        "description": "The address space in CIDR notation for the new virtual network."
      }
    },
    "subnetName1": {
      "type": "string",
      "metadata": {
        "description": "The name of the first subnet in the new virtual network."
      }
    },
    "subnetName2": {
      "type": "string",
      "metadata": {
        "description": "The name of the first subnet in the new virtual network."
      }
    },
    "gatewaySubnet": {
      "type": "string",
      "defaultValue": "GatewaySubnet",
      "allowedValues": [
        "GatewaySubnet"
      ],
      "metadata": {
        "description": "The name of the subnet where Gateway is to be deployed. This must always be named GatewaySubnet."
      }
    },
    "subnetPrefix1": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the first subnet."
      }
    },
    "subnetPrefix2": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the first subnet."
      }
    },
    "gatewaySubnetPrefix": {
      "type": "string",
      "metadata": {
        "description": "The address range in CIDR notation for the Gateway subnet. For ExpressRoute enabled Gateways, this must be minimum of /28."
      }
    },
    "dnsServerAddress": {
      "type": "array",
      "metadata": {
        "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
      }
    },
    "dnsServerAddressUpdateDns": {
      "type": "array",
      "metadata": {
        "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
      }
    },
    "vpnClientAddressPoolPrefix": {
      "type": "string",
      "metadata": {
        "description": "The IP address range from which VPN clients will receive an IP address when connected. Range specified must not overlap with on-premise network."
      }
    },
    "vmMfaName1privateIPAddress": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the MFA server."
      }
    },
    "vmMfaName2privateIPAddress": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the MFA server."
      }
    },
    "vmMfaLbIpAddress1": {
      "type": "string",
      "metadata": {
        "description": "The IP address of the RADIUS server."
      }
    },
    "radiusServerSecret": {
      "type": "string",
      "metadata": {
        "description": "The secret of the RADIUS server."
      }
    },
    "omsWorkSpaceResourceGroup": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Workspace Resource Group"
      }
    },
    "omsWorkSpaceName": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Workspace Resource Name"
      }
    },
    "omsWorkspaceStorageAccount": {
      "type": "string",
      "defaultValue": "",
      "metadata": {
        "description": "Storage Account of OMS Workspace"
      }
    }
  },
  "variables": {
    "apiVersion": "2015-06-15",
    "vnetApiVersion": "2017-10-01",
    "virtualNetworkPeeringApiVersion": "2017-10-01",
    "routeTableApiVersion": "2017-10-01",
    "locksApiVersion": "2017-04-01",
    "virtualNetworkName": "[tolower(concat('vnet-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
    "gatewaySubnetRef": "[concat(variables('vnetID'),'/subnets/',parameters('gatewaySubnet'))]",
    "virtualNetworkGatewayName": "[tolower(concat('vng-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "gatewaySku": "vpngw1",
    "gatewayPublicIPName": "[tolower(concat('pip-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName')))]",
    "vpnClientProtocols": "IkeV2",
    "subnetName1": "[tolower(concat('sub-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName'), '-', parameters('subnetName1')))]",
    "routeTable1": "[tolower(concat('udr-', variables('subnetName1')))]",
    "networkSecurityGroup1": "[tolower(concat('nsg-', variables('subnetName1')))]",
    "subnetName2": "[tolower(concat('sub-', parameters('client'), '-', parameters('environment'), '-', parameters('businessUnit'), '-', parameters('appName'), '-', parameters('subnetName2')))]",
    "routeTable2": "[tolower(concat('udr-', variables('subnetName2')))]",
    "networkSecurityGroup2": "[tolower(concat('nsg-', variables('subnetName2')))]"
  },
  "resources": [
    {
      "name": "[variables('routeTable1')]",
      "type": "Microsoft.Network/routeTables",
      "apiVersion": "[variables('routeTableApiVersion')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "routes": [
        ],
        "disableBgpRoutePropagation": false
      }
    },
    {
      "name": "[variables('routeTable2')]",
      "type": "Microsoft.Network/routeTables",
      "apiVersion": "[variables('routeTableApiVersion')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "routes": [
        ],
        "disableBgpRoutePropagation": false
      }
    },
    {
      "name": "[variables('networkSecurityGroup1')]",
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/networkSecurityGroups",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]"
      ],
      "properties": {
        "securityRules": [
          {
            "name": "AllowInboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "[parameters('addressPrefix')]",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRange": "*"
            }
          },
          {
            "name": "AllowInboundHttpsMfaServer1",
            "properties": {
              "priority": 101,
              "protocol": "Tcp",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('vmMfaName1privateIPAddress')]",
              "destinationPortRange": "443"
            }
          },
          {
            "name": "AllowInboundHttpsMfaServer2",
            "properties": {
              "priority": 102,
              "protocol": "Tcp",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('vmMfaName2privateIPAddress')]",
              "destinationPortRange": "443"
            }
          },
          {
            "name": "AllowOutboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Outbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('addressPrefix')]",
              "destinationPortRange": "*"
            }
          }
        ]
      }
    },
    {
      "type": "microsoft.network/networksecuritygroups/providers/diagnosticSettings",
      "name": "[concat(variables('networkSecurityGroup1'), '/Microsoft.Insights/service')]",
      "dependsOn": [
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"
      ],
      "apiVersion": "2017-05-01-preview",
      "properties": {
        "name": "service",
        "storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
        "workspaceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.OperationalInsights/workspaces/', parameters('omsWorkSpaceName'))]",
        "logs": [
          {
            "category": "NetworkSecurityGroupEvent",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          },
          {
            "category": "NetworkSecurityGroupRuleCounter",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          }
        ]
      }
    },
    {
      "name": "[variables('networkSecurityGroup2')]",
      "apiVersion": "[variables('apiVersion')]",
      "type": "Microsoft.Network/networkSecurityGroups",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]"
      ],
      "properties": {
        "securityRules": [
          {
            "name": "AllowInboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Inbound",
              "sourceAddressPrefix": "[parameters('addressPrefix')]",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "*",
              "destinationPortRange": "*"
            }
          },
          {
            "name": "AllowOutboundAnyAddressSpace",
            "properties": {
              "priority": 100,
              "protocol": "*",
              "access": "Allow",
              "direction": "Outbound",
              "sourceAddressPrefix": "*",
              "sourcePortRange": "*",
              "destinationAddressPrefix": "[parameters('addressPrefix')]",
              "destinationPortRange": "*"
            }
          }
        ]
      }
    },
    {
      "type": "microsoft.network/networksecuritygroups/providers/diagnosticSettings",
      "name": "[concat(variables('networkSecurityGroup2'), '/Microsoft.Insights/service')]",
      "dependsOn": [
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
      ],
      "apiVersion": "2017-05-01-preview",
      "properties": {
        "name": "service",
        "storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
        "workspaceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.OperationalInsights/workspaces/', parameters('omsWorkSpaceName'))]",
        "logs": [
          {
            "category": "NetworkSecurityGroupEvent",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          },
          {
            "category": "NetworkSecurityGroupRuleCounter",
            "enabled": true,
            "retentionPolicy": {
              "days": 365,
              "enabled": true
            }
          }
        ]
      }
    },
    {
      "name": "[variables('virtualNetworkName')]",
      "apiVersion": "[variables('vnetApiVersion')]",
      "type": "Microsoft.Network/virtualNetworks",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]",
        "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]",
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]",
        "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
      ],
      "properties": {
        "addressSpace": {
          "addressPrefixes": [
            "[parameters('addressPrefix')]"
          ]
        },
        "dhcpOptions": {
          "dnsServers": "[parameters('dnsServerAddress')]"
        },
        "subnets": [
          {
            "name": "[variables('subnetName1')]",
            "properties": {
              "addressPrefix": "[parameters('subnetPrefix1')]",
              "networkSecurityGroup": {
                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup1'))]"
              },
              "routeTable": {
                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable1'))]"
              },
              "serviceEndpoints": [
                {
                  "service": "Microsoft.Storage",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                },
                {
                  "service": "Microsoft.Sql",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                }
              ]
            }
          },
          {
            "name": "[variables('subnetName2')]",
            "properties": {
              "addressPrefix": "[parameters('subnetPrefix2')]",
              "networkSecurityGroup": {
                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup2'))]"
              },
              "routeTable": {
                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable2'))]"
              },
              "serviceEndpoints": [
                {
                  "service": "Microsoft.Storage",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                },
                {
                  "service": "Microsoft.Sql",
                  "locations": [
                    "[resourceGroup().location]"
                  ]
                }
              ]
            }
          },
          {
            "name": "[parameters('gatewaySubnet')]",
            "properties": {
              "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
            }
          }
        ]
      },
      "resources": [
        {
          "name": "[concat(variables('virtualNetworkName'), '/Microsoft.Authorization/', variables('virtualNetworkName'), '-LockDoNotDelete')]",
          "type": "Microsoft.Network/virtualNetworks/providers/locks",
          "apiVersion": "[variables('locksApiVersion')]",
          "dependsOn": [
            "[variables('virtualNetworkName')]"
          ],
          "properties": {
            "level": "CanNotDelete",
            "notes": "Resource Lock - Do Not Delete!",
            "owners": [
            ]
          }
        }
      ]
    },
    {
      "apiVersion": "2015-06-15",
      "type": "Microsoft.Network/publicIPAddresses",
      "name": "[variables('gatewayPublicIPName')]",
      "location": "[resourceGroup().location]",
      "properties": {
        "publicIPAllocationMethod": "Dynamic"
      }
    },
    {
      "apiVersion": "2015-06-15",
      "type": "Microsoft.Network/virtualNetworkGateways",
      "name": "[variables('virtualNetworkGatewayName')]",
      "location": "[resourceGroup().location]",
      "dependsOn": [
        "[concat('Microsoft.Network/publicIPAddresses/', variables('gatewayPublicIPName'))]",
        "[concat('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
      ],
      "properties": {
        "ipConfigurations": [
          {
            "properties": {
              "privateIPAllocationMethod": "Dynamic",
              "subnet": {
                "id": "[variables('gatewaySubnetRef')]"
              },
              "publicIPAddress": {
                "id": "[resourceId('Microsoft.Network/publicIPAddresses',variables('gatewayPublicIPName'))]"
              }
            },
            "name": "vnetGatewayConfig"
          }
        ],
        "sku": {
          "name": "[variables('gatewaySku')]",
          "tier": "[variables('gatewaySku')]"
        },
        "gatewayType": "Vpn",
        "vpnType": "RouteBased",
        "enableBgp": "false",
        "vpnClientConfiguration": {
          "vpnClientAddressPool": {
            "addressPrefixes": [
              "[parameters('vpnClientAddressPoolPrefix')]"
            ]
          },
          "vpnClientProtocols": [
            "[variables('vpnClientProtocols')]"
          ],
          "radiusServerAddress": "[parameters('vmMfaLbIpAddress1')]",
          "radiusServerSecret": "[parameters('radiusServerSecret')]"
        }
      }
    }
  ]
}

这用于在将 vm 部署到它之前创建一个 vnet 和子网。

我看不出哪里出错了,我很困惑..任何帮助将不胜感激谢谢

4

2 回答 2

1

所以,如果没有你显示确切的错误文本,很难准确地判断出哪里出了问题,我不得不承认模板质量是平庸的。最常见的错误是错误的 dependsOn 属性。你的典型dependsOn

"[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"

正确dependsOn

"[resourceId('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]"

您还有很多地方可以改进,例如,为什么您有网关子网名称的参数?它总是gatewaysubnet。你不能改变它。您使用资源类型的前缀而不是后缀,您在变量部分中构造资源名称以及在模板中仅使用一次(大部分)的其他各种东西(所以只是浪费空间)。在很多地方使用concat()而不是:resourceId()

"storageAccountId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', parameters('omsWorkSpaceResourceGroup'), '/providers/Microsoft.Storage/storageAccounts/', parameters('omsWorkspaceStorageAccount'))]",
"storageAccountId": "[resourceId(parameters('omsWorkSpaceResourceGroup'), 'Microsoft.Storage/storageAccounts', parameters('omsWorkspaceStorageAccount'))]",

第二个选项几乎缩短了 2 倍......

于 2018-11-07T05:17:37.350 回答
0

我今天早上看到这个问题被标记为“已回答”,所以我确实发布了我昨天的发现,但由于你仍然有问题,我会发布它们。

是的,模板不是最好的,似乎是通过从不同的模板中复制一点点拼凑而成的。

话虽如此,我专注于您提到您遇到问题的网络部分。提取网络部分,稍作调整以弥补缺失的参数和变量并尝试部署它。注意到2个问题

https://i.imgur.com/mpYlsbI.png

问题

  • dnsserveraddress 和 dnsserveraddressupdatedns 参数将“type”作为数组,但并未真正接受任何有效输入。

https://i.imgur.com/WnVN6Jh.png

  • 还收到错误,您提供的地址空间 CIDR 表示法 10.10.2.0/22 是无效的 CIDR 表示法。

https://i.imgur.com/yDuY5hX.png

解析度

一旦我纠正了两者,我就可以毫无问题地部署网络部分

https://i.imgur.com/b5Na3up.png

https://i.imgur.com/U8V54Yz.png

调整 JSON 我只是用来部署 VNet。


{
    "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "addressPrefix": {
            "type": "String",
            "metadata": {
                "description": "The address space in CIDR notation for the new virtual network."
            }
        },
        "subnetName1": {
            "type": "String",
            "metadata": {
                "description": "The name of the first subnet in the new virtual network."
            }
        },
        "subnetName2": {
            "type": "String",
            "metadata": {
                "description": "The name of the first subnet in the new virtual network."
            }
        },
        "gatewaySubnet": {
            "defaultValue": "GatewaySubnet",
            "allowedValues": [
                "GatewaySubnet"
            ],
            "type": "String",
            "metadata": {
                "description": "The name of the subnet where Gateway is to be deployed. This must always be named GatewaySubnet."
            }
        },
        "subnetPrefix1": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the first subnet."
            }
        },
        "subnetPrefix2": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the first subnet."
            }
        },
        "gatewaySubnetPrefix": {
            "type": "String",
            "metadata": {
                "description": "The address range in CIDR notation for the Gateway subnet. For ExpressRoute enabled Gateways, this must be minimum of /28."
            }
        },
        "dnsServerAddress": {
            "type": "String",
            "metadata": {
                "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
            }
        },
        "dnsServerAddressUpdateDns": {
            "type": "String",
            "metadata": {
                "Description": "The DNS address(es) of the DNS Server(s) used by the VNET"
            }
        }
    },
    "variables": {
        "apiVersion": "2015-06-15",
        "vnetApiVersion": "2017-10-01",
        "virtualNetworkPeeringApiVersion": "2017-10-01",
        "routeTableApiVersion": "2017-10-01",
        "locksApiVersion": "2017-04-01",
        "virtualNetworkName": "[tolower(concat('vnet-Test'))]",
        "vnetID": "[resourceId('Microsoft.Network/virtualNetworks',variables('virtualNetworkName'))]",
        "gatewaySubnetRef": "[concat(variables('vnetID'),'/subnets/',parameters('gatewaySubnet'))]",
        "subnetName1": "[tolower(concat('sub-', parameters('subnetName1')))]",
        "routeTable1": "[tolower(concat('udr-', variables('subnetName1')))]",
        "networkSecurityGroup1": "[tolower(concat('nsg-', variables('subnetName1')))]",
        "subnetName2": "[tolower(concat('sub-', parameters('subnetName2')))]",
        "routeTable2": "[tolower(concat('udr-', variables('subnetName2')))]",
        "networkSecurityGroup2": "[tolower(concat('nsg-', variables('subnetName2')))]"
    },
    "resources": [
        {
            "type": "Microsoft.Network/routeTables",
            "name": "[variables('routeTable1')]",
            "apiVersion": "[variables('routeTableApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "routes": [],
                "disableBgpRoutePropagation": false
            }
        },
        {
            "type": "Microsoft.Network/routeTables",
            "name": "[variables('routeTable2')]",
            "apiVersion": "[variables('routeTableApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "routes": [],
                "disableBgpRoutePropagation": false
            }
        },
        {
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[variables('networkSecurityGroup1')]",
            "apiVersion": "[variables('apiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "securityRules": [
                    {
                        "name": "AllowInboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Inbound",
                            "sourceAddressPrefix": "[parameters('addressPrefix')]",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "*",
                            "destinationPortRange": "*"
                        }
                    },
                    {
                        "name": "AllowOutboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Outbound",
                            "sourceAddressPrefix": "*",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "[parameters('addressPrefix')]",
                            "destinationPortRange": "*"
                        }
                    }
                ]
            },
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]"
            ]
        },
        {
            "type": "Microsoft.Network/networkSecurityGroups",
            "name": "[variables('networkSecurityGroup2')]",
            "apiVersion": "[variables('apiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "securityRules": [
                    {
                        "name": "AllowInboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Inbound",
                            "sourceAddressPrefix": "[parameters('addressPrefix')]",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "*",
                            "destinationPortRange": "*"
                        }
                    },
                    {
                        "name": "AllowOutboundAnyAddressSpace",
                        "properties": {
                            "priority": 100,
                            "protocol": "*",
                            "access": "Allow",
                            "direction": "Outbound",
                            "sourceAddressPrefix": "*",
                            "sourcePortRange": "*",
                            "destinationAddressPrefix": "[parameters('addressPrefix')]",
                            "destinationPortRange": "*"
                        }
                    }
                ]
            },
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]"
            ]
        },
        {
            "type": "Microsoft.Network/virtualNetworks",
            "name": "[variables('virtualNetworkName')]",
            "apiVersion": "[variables('vnetApiVersion')]",
            "location": "[resourceGroup().location]",
            "properties": {
                "addressSpace": {
                    "addressPrefixes": [
                        "[parameters('addressPrefix')]"
                    ]
                },
                "dhcpOptions": {
                    "dnsServers": "[parameters('dnsServerAddress')]"
                },
                "subnets": [
                    {
                        "name": "[variables('subnetName1')]",
                        "properties": {
                            "addressPrefix": "[parameters('subnetPrefix1')]",
                            "networkSecurityGroup": {
                                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup1'))]"
                            },
                            "routeTable": {
                                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable1'))]"
                            },
                            "serviceEndpoints": [
                                {
                                    "service": "Microsoft.Storage",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                },
                                {
                                    "service": "Microsoft.Sql",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                }
                            ]
                        }
                    },
                    {
                        "name": "[variables('subnetName2')]",
                        "properties": {
                            "addressPrefix": "[parameters('subnetPrefix2')]",
                            "networkSecurityGroup": {
                                "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('networkSecurityGroup2'))]"
                            },
                            "routeTable": {
                                "id": "[resourceId('Microsoft.Network/routeTables', variables('routeTable2'))]"
                            },
                            "serviceEndpoints": [
                                {
                                    "service": "Microsoft.Storage",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                },
                                {
                                    "service": "Microsoft.Sql",
                                    "locations": [
                                        "[resourceGroup().location]"
                                    ]
                                }
                            ]
                        }
                    },
                    {
                        "name": "[parameters('gatewaySubnet')]",
                        "properties": {
                            "addressPrefix": "[parameters('gatewaySubnetPrefix')]"
                        }
                    }
                ]
            },
            "resources": [
                {
                    "type": "Microsoft.Network/virtualNetworks/providers/locks",
                    "name": "[concat(variables('virtualNetworkName'), '/Microsoft.Authorization/', variables('virtualNetworkName'), '-LockDoNotDelete')]",
                    "apiVersion": "[variables('locksApiVersion')]",
                    "properties": {
                        "level": "CanNotDelete",
                        "notes": "Resource Lock - Do Not Delete!",
                        "owners": []
                    },
                    "dependsOn": [
                        "[variables('virtualNetworkName')]"
                    ]
                }
            ],
            "dependsOn": [
                "[concat('Microsoft.Network/routeTables/', variables('routeTable1'))]",
                "[concat('Microsoft.Network/routeTables/', variables('routeTable2'))]",
                "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup1'))]",
                "[concat('Microsoft.Network/networksecuritygroups/', variables('networkSecurityGroup2'))]"
            ]
        }
    ]
}

希望这可以帮助。

于 2018-11-07T19:49:52.563 回答