带有DSC的Azure VM部署-将参数传递给配置_Azure_Powershell_Automation_Dsc

带有DSC的Azure VM部署-将参数传递给配置

azure powershell automation

带有DSC的Azure VM部署-将参数传递给配置,azure,powershell,automation,dsc,Azure,Powershell,Automation,Dsc,我正在通过自定义以下Azure部署模板来完成我的第一个AzureRM/DSC模板项目：作为其中的一部分，我修改了WindowsIISServerConfig.ps1，添加了一些Windows功能以及下载并安装证书的功能。问题是我不知道如何将证书的凭据传递到此配置中这是我的代码…如何传入$certPass参数 configuration WindowsIISServerConfig { param ( [Parameter(Mandatory = $true)

我正在通过自定义以下Azure部署模板来完成我的第一个AzureRM/DSC模板项目：

作为其中的一部分，我修改了

WindowsIISServerConfig.ps1

，添加了一些Windows功能以及下载并安装证书的功能。问题是我不知道如何将证书的凭据传递到此配置中

这是我的代码…如何传入

$certPass

参数

configuration WindowsIISServerConfig
{

    param
    (
        [Parameter(Mandatory = $true)]
        [ValidateNotNullorEmpty()]
        [System.Management.Automation.PSCredential]
        $certPass
    )

    Import-DscResource -ModuleName 'xWebAdministration'
    Import-DscResource -ModuleName 'xPSDesiredStateConfiguration'
    Import-DscResource -ModuleName 'CertificateDsc'
    Import-DscResource -ModuleName 'PSDesiredStateConfiguration'    

    WindowsFeature WebServer
    {
        Ensure  = 'Present'
        Name    = 'Web-Server'
    }

    WindowsFeature WebManagement
    {
        Ensure  = 'Present'
        Name    = 'Web-Mgmt-Console'
        DependsOn = '[WindowsFeature]WebServer'
    }

    WindowsFeature WebASPNet47
    {
        Ensure  = 'Present'
        Name    = 'Web-Asp-Net45'
        DependsOn = '[WindowsFeature]WebServer'
    }

    WindowsFeature WebNetExt
    {
        Ensure  = 'Present'
        Name    = 'Web-Net-Ext45'
        DependsOn = '[WindowsFeature]WebServer'
    }

    # IIS Site Default Settings
    xWebSiteDefaults SiteDefaults
    {
        ApplyTo                 = 'Machine'
        LogFormat               = 'IIS'
        LogDirectory            = 'C:\inetpub\logs\LogFiles'
        TraceLogDirectory       = 'C:\inetpub\logs\FailedReqLogFiles'
        DefaultApplicationPool  = 'DefaultAppPool'
        AllowSubDirConfig       = 'true'
        DependsOn               = '[WindowsFeature]WebServer'
    }

    # IIS App Pool Default Settings
    xWebAppPoolDefaults PoolDefaults
    {
       ApplyTo               = 'Machine'
       ManagedRuntimeVersion = 'v4.0'
       IdentityType          = 'ApplicationPoolIdentity'
       DependsOn             = '[WindowsFeature]WebServer'
    }

    # Get SSL cert file from Azure Storage using SAS URI
    xRemoteFile CertPfx
    {
        Uri = "https://example.blob.core.windows.net/resources/cert.pfx?sp=r&st=2019-06-02T22:00:11Z&se=2019-07-03T06:00:11Z&spr=https&sv=2018-03-28&sig=xxxxxx&sr=b"
        DestinationPath = "C:\temp\cert.pfx"
    }

    # Import the PFX file which was downloaded to local path
    PfxImport ImportCertPFX
    {
        Ensure     = "Present"
        DependsOn  = "[xRemoteFile]CertPfx"
        Thumbprint = "c124bf740b256316bd756g689140d6ff3dcdd65f"
        Path       = "c:\temp\cert.pfx"
        Location   = "LocalMachine"
        Store      = "WebHosting"
        Credential = $certPass
    }

}

如果您使用的是模板，则可以按照示例进行操作。简而言之，您需要创建一个凭证变量：

    {
      "name": "[concat(parameters('accountName'), '/', parameters('variableName')) ]",
      "type": "microsoft.automation/automationAccounts/Variables",
      "apiVersion": "2015-01-01-preview",
      "tags": { },
      "dependsOn": [ xxx ],
      "properties": {
        "isEncrypted": 0,
        "type": "[parameters('variableType')]",
        "value": "[parameters('variableValue')]"
      }
    },

并在编译时引用它，如果在代码中执行以下操作，它将自动获取变量值：

$domainCreds = Get-AutomationPSCredential -Name 'domainCreds'

我认为，或者，您可以将它们传递到properties.parameters字段（），等等，您谈论的是凭据，我不确定它是否受支持。

根据官方的CertificateDsc存储库，您的解决方案似乎非常有效：

运行此操作时是否有任何错误