mercredi 26 août 2020

Arm template if condition

I am trying to implement if condition for the arm template. Idea is from the parameter to read if it suppose to deploy in prod or nonprod sub and have the subnets predefined. Then deploy storage and add some subnets to the storage account virtual network list.

The following line causing troubles:

"virtualNetworkRules": "[if(equals(parameters('Sub'), 'nonprod'),'variables('nonprodvirtualNetworkSubnets').virtualNetworkRulesCopy', 'variables('prodvirtualNetworkSubnets').virtualNetworkRulesCopy', )]",

All help is much appreciated.

"Parameters": {

"Sub": {
    "type": "string",
    "defaultValue": "nonprod",
    "metadata": {
      "description": "Prod or nonprod sub"
    }
  }
},
"variables": {
    "subscriptionId": "[subscription().subscriptionId]",
    "resourcegroupName": "[toUpper(concat(parameters('splitSubscriptionName')[0], '-', parameters('splitSubscriptionName')[1], '-', parameters('splitSubscriptionName')[2], '-02-NET-RSG'))]",
    "virtualNetworkname": "[toLower(concat(parameters('splitSubscriptionName')[0], '-', parameters('splitSubscriptionName')[1], '-', parameters('splitSubscriptionName')[2], '-02-NET-', parameters('splitSubscriptionName')[3], '-00-net'))]", 
    "storageAccountType": "Standard_LRS", //  "allowedValues": ["Standard_LRS", "Standard_GRS", "Standard_ZRS", "Premium_LRS"]
    "blobServicesName": "default",
    "VirtualNetworkExternalId": "[concat('/subscriptions/', variables('subscriptionId'), '/resourceGroups/', variables('resourcegroupName'), '/providers/Microsoft.Network/virtualNetworks/', variables('virtualNetworkname'), '/subnets/')]",
    "nonprodAllowedSubnets": [
      "mngm00-devtest-sub",
      "mngm01-devtest-sub",
      "mngm02-devtest-sub"
    ],
    "prodAllowedSubnets": [
      "mngm00-prod-sub",
      "mngm01-prod-sub"      
    ],
    "nonprodvirtualNetworkSubnets": {
      "copy": [
        {
          "name": "virtualNetworkRulesCopy",
          "count": "[length(variables('nonprodAllowedSubnets'))]",
          "input": {
            "id": "[concat(variables('VirtualNetworkExternalId'), variables('nonprodAllowedSubnets')[copyIndex('virtualNetworkRulesCopy')])]",
            "action": "Allow",
            "state": "Succeeded"
          }
        }
      ]
    },
    "prodvirtualNetworkSubnets": {
      "copy": [
        {
          "name": "virtualNetworkRulesCopy",
          "count": "[length(variables('prodAllowedSubnets'))]",
          "input": {
            "id": "[concat(variables('VirtualNetworkExternalId'), variables('prodAllowedSubnets')[copyIndex('virtualNetworkRulesCopy')])]",
            "action": "Allow",
            "state": "Succeeded"
          }
        }
      ]
    }
  },
  "resources": [
    {
      
      "type": "Microsoft.Storage/storageAccounts",
      "apiVersion": "2019-04-01",
      "name": "[parameters('storageAccountName')]",
      "location": "[resourceGroup().location]",
      "sku": {
        "name": "[variables('storageAccountType')]"
      },
      "kind": "[parameters('storageAccountKind')]",
      "properties": {
        "accessTier": "[parameters('accessTier')]",
        "supportsHttpsTrafficOnly": true,
        "allowBlobPublicAccess": false,
        "networkAcls": {
          "bypass": "AzureServices",
          "virtualNetworkRules": "[if(equals(parameters('Sub'), 'nonprod'),'variables('nonprodvirtualNetworkSubnets').virtualNetworkRulesCopy', 'variables('prodvirtualNetworkSubnets').virtualNetworkRulesCopy', )]",
          "defaultAction": "Deny"
        },
        "encryption": {
          "services": {
            "file": {
              "enabled": true
            },
            "blob": {
              "enabled": true
            }
          },
          "keySource": "Microsoft.Storage"
        }
      }
    }
]
}
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)