azure - 动态传递 ARM 参数作为 customscriptextension 参数

Question

我想在arm模板中运行一个PowerShell自定义脚本，所以它设置端口转发并设置防火墙，脚本如下

function set-proxy {
    param(
        [parameter(ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, HelpMessage = "proxy informations")]
        [hashtable[]]$proxyinfos
    )
    
    foreach ($proxyinfo in $proxyinfos){
    netsh interface portproxy add v4tov4 listenaddress=$($proxyinfo.listenaddress) `
    listenport=$($proxyinfo.listenport) connectaddress=$($proxyinfo.connectaddress) connectport=$($proxyinfo.connectport)
    }
}

function set-firewall {
    param(
        [parameter(ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, HelpMessage = "proxy informations")]
        [hashtable[]]$proxyinfos
    )
    
    foreach ($proxyinfo in $proxyinfos){
        New-NetFirewallRule -DisplayName $($proxyinfo.firewallrulename) -Direction $($proxyinfo.direction) `
        -LocalPort $($proxyinfo.listenport) -Protocol $($proxyinfo.protocol) -Action $($proxyinfo.action)
    }
}

set-proxy $proxyinfos
set-firewall $proxyinfos

我希望proxyinfo可以作为哈希表数组传递

$proxyinfos=@(
    @{
        listenaddress="10.1.10.20"
        listenport="443"
        connectaddress="10.1.10.20"
        connectport="443"
        firewallrulename= "port443"
        direction="Inbound"
        action="Allow"
        protocol="TCP"
    },
    @{
        listenaddress="10.1.10.20"
        listenport="80"
        connectaddress="10.1.10.20"
        connectport="80"
        firewallrulename= "port80"
        direction="Inbound"
        action="Allow"
        protocol="TCP"
    }
)

但我有点难以理解如何从 arm 模板参数文件中传递它。

如果我创建一个名为 proxyinfos 的数组参数

"proxyinfos": {
            "value": [
                {
                    "listenaddress": "10.1.10.20",
                    "listenport": "443",
                    "connectaddress": "10.1.10.20",
                    "connectport": "443",
                    "firewallrulename": "port443",
                    "direction": "Inbound",
                    "action": "Allow",
                    "protocol": "TCP"
                },
                {
                    "listenaddress": "10.1.10.20",
                    "listenport": "80",
                    "connectaddress": "10.1.10.20",
                    "connectport": "80",
                    "firewallrulename": "port80",
                    "direction": "Inbound",
                    "action": "Allow",
                    "protocol": "TCP"
                }
            ]
        }

Answer 1

在传递参数时让它最终工作，必须这样做

"commandToExecute": "[concat('powershell -ExecutionPolicy Unrestricted -file configure-portforwarding.ps1 -proxyinfosjson ', string(parameters('proxyinfos')))]"

所以当将此参数传递给powershell时，json看起来像这样

[{"listenaddress":"10.1.10.20","listenport":"443","connectaddress":"10.1.10.20","connectport":"443","firewallrulename":"port443","direction":"Inbound","action":"Allow 
","protocol":"TCP"},{"listenaddress":"10.1.10.20","listenport":"80","connectaddress":"10.1.10.20","connectport":"80","firewallrulename":"port80","direction":"Inbound","action":"Allow","protocol":"TCP"}]

在powershell里面

$proxyinfos= ConvertFrom-Json -InputObject $proxyinfosjson