我正在寻找使用基础架构即代码创建许多 Azure 策略。
MS 文档建议的结构如下:
.
|
|- policies/ ________________________ # Root folder for policy resources
| |- policy1/ ______________________ # Subfolder for a policy
| |- policy.json _________________ # Policy definition
| |- policy.parameters.json ______ # Policy definition of parameters
| |- policy.rules.json ___________ # Policy rule
| |- assign.<name1>.json _________ # Assignment 1 for this policy definition
| |- assign.<name2>.json _________ # Assignment 2 for this policy definition
| |- policy2/ ______________________ # Subfolder for a policy
| |- policy.json _________________ # Policy definition
| |- policy.parameters.json ______ # Policy definition of parameters
| |- policy.rules.json ___________ # Policy rule
| |- assign.<name1>.json _________ # Assignment 1 for this policy definition
| |- assign.<name2>.json _________ # Assignment 2 for this policy definition
|
这是有道理的,但我见过的所有策略定义示例都包括参数定义;policy.parameters.json所以如果只是复制信息,我看不到拥有单独文件的价值。
问题
有没有办法避免这种重复?例如,通过让policy.json文件引用policy.parameters.json文件而不是复制其内容,或者通过这种复制是否增加了一些价值?
(规则文件也会出现同样的情况;我假设该部分的答案是相同的......)
这种重复的例子
从 Azure 社区策略存储库:
策略文件包括以下几行:
"parameters": {
"tagName": {
"type": "String",
"defaultValue": "DateCreated",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'Date'"
}
}
}
参数文件完全复制了在上面的参数部分找到的内容(几乎;在这种情况下,描述略有不同,但这感觉像是一个错误而不是一个理由):
{
"tagName": {
"type": "String",
"defaultValue": "DateCreated",
"metadata": {
"displayName": "Tag Name",
"description": "Name of the tag, such as 'DateCreated'"
}
}
}
MS Docs 团队的回答: