0

我想通过使用二头肌来执行以下操作:

  • 创建密钥库
  • 创建密钥库机密
  • 使用此密码作为创建 Synapse 工作区的输入(管理员密码)

我正在使用模块来创建所有资源。

module keyVault 'modules/keyVault.bicep' = {
  scope: resourceGroup
  name: 'keyVault'
  params: {
    keyVaultName: keyVaultName  
    location: location 
    tenantID: subscription().tenantId
  }
}
module  keyVaultSecret 'modules/keyVaultSecret.bicep' = {
  scope: resourceGroup
  name: 'keyVaultSecretSynapseSQLAdminPassword'
  params: {
    secretName: 'synapseSQLAdministratorLoginPassword'
    secretValue: synapseSqlAdministratorLoginPassword
    keyVaultName: keyVaultName
    keyVaultSecretName: '${keyVault.name}/synapseSQLAdministratorLoginPassword'
  }
}

module synapse 'modules/synapseWs.bicep' = {
  scope: resourceGroup
  name: 'synapse'
  params: {
    
    synapseWSName: synapseWSName
    synapseWSLocation: location
    defaultAccountUrl: storageAccount.outputs.accURL
    synapseSqlAdministratorLogin:synapseSqlAdministratorLogin
    synapseSqlAdministratorLoginPassword: keyVault.getSecret('keyVaultSecretSynapseSQLAdminPassword')
    managedResourceGroupName: '${environmentName}-cargo-${applicationName}-synapsemanaged-rg'
    sqlPoolName: sqlPoolName
    synapsePrivateLinkHubName: synapsePrivateLinkHubName
    synapsePrivateLinkHubLocation: location
  }
}

行中使用的getSecret函数

synapseSqlAdministratorLoginPassword: keyVault.getSecret('keyVaultSecretSynapseSQLAdminPassword')

给出错误:“类型“模块”不包含函数“getSecret”。” 显然这个功能只能在资源中使用。我怎么能以不同的方式做到这一点?

谢谢

4

1 回答 1

1

You has to reference the keyvault as existing in the bicep template. You can not use that function referencing a module. You has to reference the resource.

  1. Create the keyvault with the module
  2. Reference existing keyvault (as you just created)
  3. Use the function on the existing keyvault reference.

https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/resource-declaration?tabs=azure-powershell#reference-existing-resources

于 2021-10-09T16:07:48.973 回答