如何解决Azure 存储帐户网络限制的补救策略
当我运行此代码来修复 azure 存储时,出现以下错误。我是 azure 政策的新手,任何帮助将不胜感激。
问题和解决方案的原始链接也许提交答案的原始人可以权衡。Original Link
{
"properties": {
"displayName": "storage3","policyType": "Custom","mode": "All","parameters": {
"effect": {
"type": "String","Metadata": {
"displayName": "Effect","description": "Enable or disable the execution of the policy"
},"allowedValues": [
"DeployIfNotExists","disabled"
],"defaultValue": "DeployIfNotExists"
}
},"policyRule": {
"if": {
"allOf": [
{
"field": "type","equals": "Microsoft.Storage/storageAccounts"
},{
"field": "Microsoft.Storage/storageAccounts/networkAcls.defaultAction","notEquals": "Deny"
}
]
},"then": {
"effect": "[parameters('effect')]","details": {
"type": "Microsoft.Storage/storageAccounts","name": "[field('name')]","existenceCondition": {
"field": "Microsoft.Storage/storageAccounts/networkAcls.defaultAction","equals": "Deny"
},"roleDeFinitionIds": [
"/providers/Microsoft.Authorization/roleDeFinitions/b24988ac-6180-42a0-ab88-20f7382dd24c"
],"deployment": {
"properties": {
"mode": "incremental","template": {
"$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","parameters": {
"name": {
"type": "string"
},"sku": {
"type": "string"
},"location": {
"type": "string"
},"kind": {
"type": "string"
}
},"resources": [
{
"name": "[parameters('name')]","type": "Microsoft.Storage/storageAccounts","apiVersion": "2019-06-01","location": "[parameters('location')]","properties": {
"networkAcls": {
"bypass": "AzureServices","virtualNetworkRules": [
{
"id": "","action": "Allow"
}
],"ipRules": [],"defaultAction": "Deny"
}
},"dependsOn": [],"sku": {
"name": "[parameters('sku')]"
},"kind": "[parameters('kind')]"
}
]
},"parameters": {
"name": {
"value": "[field('name')]"
},"sku": {
"value": "[field('Microsoft.Storage/storageAccounts/sku.name')]"
},"location": {
"value": "[field('location')]"
},"kind": {
"value": "[field('kind')]"
}
}
}
}
}
}
}
}
}
错误 策略定义'/subscriptions/xxxx-xxxx-xxxx-xxxx-xxxx/providers/Microsoft.Authorization/policyDeFinitions/35df2d75-9090-45d4-8620-eca3e33bd5ac/'和分配'/subscriptions/xxxx-xxxx-xxxx-的部署创建xxxx-xxxx/providers/Microsoft.Authorization/policyAssignments/1ea05f4943d848dea7864f26/' 不成功。
Details
Code InvalidTemplateDeployment
Message The template deployment 'PolicyDeployment_1961206787044174973' is not valid according to the validation procedure. The tracking id is '24b01fc6-b536-4422-b4bd-fdcc2fc14d87'. See inner errors for details.
Code PreflightValidationCheckFailed
Message Preflight validation Failed. Please refer to the details for the specific errors.
Code InvalidValuesForRequestParameters
Message Values for request parameters are invalid: networkAcls.virtualNetworkRules[*].id. For more information,see - https://aka.ms/storagenetworkruleset
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。