嗨,我正在开发一个带有 bicep.main 的二头肌模板,其中包含模块和每个资源的单独资源文件
我已经部署了一个 Nat 网关和一个网络安全组,现在我正在尝试部署一个引用 nat 网关和 NSG 的 vnet/子网
这是 vnet.bicep 文件的样子:
param location string
param virtualNetworkName string
param vNetAddressSpace string
param subnetName string
param vNetSubnetPrefix string
param vNetNewOrExisting string
param natGatewayName string
param nsgName string
// reference the existing Nat Gateway and NSG
resource NAT_Gateway 'Microsoft.Network/natGateways@2021-05-01' existing = {
name: natGatewayName
}
resource nsg 'Microsoft.Network/networkSecurityGroups@2021-05-01' existing= {
name: nsgName
}
resource znssVnet 'Microsoft.Network/virtualNetworks@2021-08-01' = if (vNetNewOrExisting == 'new') {
name: virtualNetworkName
location: location
tags: {
Owner: 'wguilherme'
Purpose: 'ZscalerNSSDeployment'
}
properties: {
addressSpace: {
addressPrefixes: [
vNetAddressSpace
]
}
subnets: [
{
name: subnetName
properties: {
addressPrefix: vNetSubnetPrefix
natGateway: {
id: NAT_Gateway.id
}
networkSecurityGroup: {
id: nsg.id
}
privateEndpointNetworkPolicies: 'Enabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}
]
enableDdosProtection: false
enableVmProtection: false
}
}
resource znssSubnet 'Microsoft.Network/virtualNetworks/subnets@2021-05-01' = {
parent: znssVnet
name: subnetName
properties: {
addressPrefix: vNetSubnetPrefix
natGateway: {
id: NAT_Gateway.id
}
privateEndpointNetworkPolicies: 'Enabled'
privateLinkServiceNetworkPolicies: 'Enabled'
}
}
我用现有来引用 NATG 和 NSG
和 :
NAT_Gateway.id
and
nsg.id
但部署失败并出现错误:
资源 /subscriptions/-----/resourceGroups/RG-RSS00/providers/Microsoft.Network/natGateways/NATGW-NSS-SRVC-NIC 资源引用的资源 /subscriptions/-----/resourceGroups/rg-rss00/providers未找到 /Microsoft.Network/virtualNetworks/Zscaler-NSS-VNET。请确保引用的资源存在,并且两个资源位于同一区域。
我检查了 NATGW 和 NSG 都部署在同一个 RG 中
这是我的 main.bicep 的样子:
targetScope='subscription'
param resourceGroupName string
param storageName string
param location string
param date string = utcNow('yyyy-MM-dd')
param email string
param nsgNameFile string
param publicIPAddress1Name string
param publicIPAddress2Name string
param publicIPprefixName string
param SKU string
param StaticPublicIP string
param natGatewayName string
param vNetNewOrExisting string = 'new'
param subnetName string
param virtualNetworkName string
param vNetAddressSpace string
param vNetSubnetPrefix string
param NSSMgtNIC string
param NSSSrvcNIC string
resource newRG 'Microsoft.Resources/resourceGroups@2021-01-01' = {
name: resourceGroupName
location: location
}
module znssStorageAccountName 'storage.bicep' = {
name: 'storageModule'
scope: newRG
params: {
location: location
storageName: storageName
}
}
module nsg 'Networking.bicep'= {
name: 'NetworkingModel'
scope: newRG
params: {
date: date
location: location
email: email
nsgName: nsgNameFile
publicIPAddress1Name: publicIPAddress1Name
publicIPAddress2Name: publicIPAddress2Name
publicIPprefixName: publicIPprefixName
StaticPublicIP: StaticPublicIP
SKU: SKU
natGatewayName: natGatewayName
vNetNewOrExisting: vNetNewOrExisting
}
}
module vnet 'Vnet-Subnets.bicep' = {
name: 'vnetModule'
scope: newRG
params: {
location: location
natGatewayName: natGatewayName
nsgName: nsgNameFile
subnetName: subnetName
virtualNetworkName: virtualNetworkName
vNetAddressSpace: vNetAddressSpace
vNetNewOrExisting: vNetNewOrExisting
vNetSubnetPrefix: vNetSubnetPrefix
}
}
module nic 'NIC.bicep' = {
name: 'nicModule'
scope: newRG
params: {
location: location
nsgName: nsgNameFile
NSSMgtNIC: NSSMgtNIC
NSSSrvcNIC: NSSSrvcNIC
publicIPAddress1Name: publicIPAddress1Name
publicIPAddress2Name: publicIPAddress2Name
subnetName: subnetName
virtualNetworkName: virtualNetworkName
virtualNetworkResourceGroup: resourceGroupName
}
}
错误中的 id 是我在门户上检查时的确切 id,所以我认为这不是 id 问题
我是二头肌新手,所以我希望有人能引导我走向正确的方向。
谢谢
通过添加它工作的依赖属性!
即使创建了 Nat 网关,但在此之前开始创建 vnet
通过添加依赖它等待首先创建 natgw
完整示例: