创建扩展资源
扩展资源 Azure 中是扩展其他资源的资源。
此模板创建 Azure Key Vault 以及 DiagnosticSettings 扩展。
注意事项:
- 扩展资源是在父资源的
resources
属性下创建的 - 它需要有一个引用父资源的
dependsOn
属性(以防止 ARM 尝试与父资源并行创建扩展)
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"keyVaultName": {
"type": "string",
"metadata": {
"description": "Name of the Vault"
}
},
"tenantId": {
"type": "string",
"metadata": {
"description": "Tenant ID of the directory associated with this key vault"
}
},
"location": {
"type": "string",
"metadata": {
"description": "Key Vault location"
}
},
"storageAccountResourceGroup": {
"type": "string",
"metadata": {
"description": "Resource Group of the storage account where key vault activities will be logged"
}
},
"storageAccountName": {
"type": "string",
"metadata": {
"description": "Name of the storage account where key vault activities will be logged. Must be in same region as the key vault."
}
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults",
"name": "[parameters('keyVaultName')]",
"apiVersion": "2015-06-01",
"location": "[parameters('location')]",
"properties": {
"enabledForDeployment": "false",
"enabledForDiskEncryption": "false",
"enabledForTemplateDeployment": "false",
"tenantId": "[variables('tenantId')]",
"sku": {
"name": "Standard",
"family": "A"
}
},
"resources": [
{
"type": "Microsoft.KeyVault/vaults/providers/diagnosticSettings",
"name": "[concat(parameters('keyVaultName'), '/Microsoft.Insights/service')]",
"apiVersion": "2015-07-01",
"dependsOn": [
"[concat('Microsoft.keyvault/vaults/', parameters('keyVaultName'))]"
],
"properties": {
"storageAccountId": "[resourceId(parameters('storageAccountResourceGroup'), 'Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]",
"logs": [{
"category": "AuditEvent",
"enabled": true,
"retentionPolicy": {
"enabled": true,
"days": 90
}
}]
}
}]
}
],
"outputs": {
"keyVaultUrl": {
"type": "string",
"value": "[reference(resourceId('Microsoft.KeyVault/vaults', parameters('keyVaultName'))).vaultUri]"
}
}
}