如何在azure中使用arm模板将RBAC分配给多个用户
我有两个AAD应用程序(服务主体),希望使用arm模板将RBAC添加到这两个应用程序中 我尝试使用下面的arm模板进行部署如何在azure中使用arm模板将RBAC分配给多个用户,azure,arm-template,Azure,Arm Template,我有两个AAD应用程序(服务主体),希望使用arm模板将RBAC添加到这两个应用程序中 我尝试使用下面的arm模板进行部署 { "type": "Microsoft.Storage/storageAccounts/blobServices/containers/providers/roleAssignments", "apiVersion": "2018-09-01-preview", "name": "[concat(parameters
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers/providers/roleAssignments",
"apiVersion": "2018-09-01-preview",
"name": "[concat(parameters('StorageAccountName'), '/default/',parameters('ContainerName'), '/Microsoft.Authorization/', parameters('roleNameGuid'))]",
"properties": {
"roleDefinitionId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]",
"principalId": "[parameters('principalId')]"
}
},
{
"type": "Microsoft.Storage/storageAccounts/blobServices/containers/providers/roleAssignments",
"apiVersion": "2018-09-01-preview",
"name": "[concat(parameters('StorageAccountName'), '/default/',parameters('ContainerName'), '/Microsoft.Authorization/', parameters('roleNameGuid'))]",
"properties": {
"roleDefinitionId": "[concat('/subscriptions/', subscription().subscriptionId, '/providers/Microsoft.Authorization/roleDefinitions/', 'ba92f5b4-2d11-453d-a403-e96b0029c9fe')]",
"principalId": "[parameters('principalId2')]"
}
}
当我使用这个arm模板部署时,我得到了下面的错误
Deployment template validation failed: 'The resource 'Microsoft.Storage/storageAccounts/MystorageAccounts/blobServices/default/containers/test/providers/Microsoft.Authorization/roleAssignments/aacd4b89-a70f-4be9-a0ba-6b8698dd7129' at line '52' and column '9' is defined multiple times in a template. Please see https://aka.ms/arm-template/#resources for usage details.'. (Code: InvalidTemplate)
您需要为资源中的
name
选项使用不同的名称。例如,您可以在名称的末尾添加一个数字以区分差异。这不也可以,并去掉guid的硬编码值吗?:
是的,它需要一些输入来计算不同的GUID,但您可以使用属性迭代来更改: