二头肌参考:找不到现有资源

tag-icon tag-icon automation azure templates arm
二头肌参考:找不到现有资源

你好,我正在开发一个 bicep 模板,其中 bicep.main 包含模块和每个资源的单独资源文件

我已经部署了 Nat 网关和网络安全组,现在我尝试部署引用 Nat 网关和 NSG 的 vnet/子网

vnet.bicep 文件如下所示:

param location string
param virtualNetworkName string
param vNetAddressSpace string
param subnetName string
param vNetSubnetPrefix string
param vNetNewOrExisting string
param natGatewayName string
param nsgName string

// reference the existing Nat Gateway and NSG
resource NAT_Gateway 'Microsoft.Network/natGateways@2021-05-01' existing =  {
  name: natGatewayName
}
resource nsg 'Microsoft.Network/networkSecurityGroups@2021-05-01' existing= {
  name: nsgName
}

resource znssVnet 'Microsoft.Network/virtualNetworks@2021-08-01' = if (vNetNewOrExisting == 'new') {
  name: virtualNetworkName
  location: location
  tags: {
    Owner: 'wguilherme'
    Purpose: 'ZscalerNSSDeployment'
  }
  properties: {
    addressSpace: {
      addressPrefixes: [
        vNetAddressSpace
      ]
    }
    subnets: [
      {
        name: subnetName
        properties: {
          addressPrefix: vNetSubnetPrefix
          natGateway: {
            id: NAT_Gateway.id
          }
          networkSecurityGroup: {
            id: nsg.id
          }
          privateEndpointNetworkPolicies: 'Enabled'
          privateLinkServiceNetworkPolicies: 'Enabled'
        }
      }
    ]
    enableDdosProtection: false
    enableVmProtection: false
  }
}

resource znssSubnet 'Microsoft.Network/virtualNetworks/subnets@2021-05-01' = {
  parent: znssVnet
  name: subnetName
  properties: {
    addressPrefix: vNetSubnetPrefix
    natGateway: {
      id: NAT_Gateway.id
    }
    privateEndpointNetworkPolicies: 'Enabled'
    privateLinkServiceNetworkPolicies: 'Enabled'
  }
}

我用了现存的参考 NATG 和 NSG

和 :

NAT_Gateway.id
and 
nsg.id

但部署失败并出现错误:

未找到资源 /subscriptions/-----/resourceGroups/RG-RSS00/providers/Microsoft.Network/virtualNetworks/Zscaler-NSS-VNET 引用的资源 /subscriptions/-----/resourceGroups/RG-RSS00/providers/Microsoft.Network/natGateways/NATGW-NSS-SRVC-NIC。请确保引用的资源存在,并且两个资源位于同一区域。

我检查了 NATGW 和 NSG 是否都已部署,并且位于同一个 RG 中

这是我的 main.bicep 的样子:

targetScope='subscription'

param resourceGroupName string
param storageName string
param location string
param date string = utcNow('yyyy-MM-dd')
param email string
param nsgNameFile string
param publicIPAddress1Name string
param publicIPAddress2Name string
param publicIPprefixName string
param SKU string
param StaticPublicIP string 
param natGatewayName string
param vNetNewOrExisting string = 'new'
param subnetName string
param virtualNetworkName string
param vNetAddressSpace string
param vNetSubnetPrefix string
param NSSMgtNIC string
param NSSSrvcNIC string

resource newRG 'Microsoft.Resources/resourceGroups@2021-01-01' = {
  name: resourceGroupName
  location: location
}

module znssStorageAccountName 'storage.bicep' = {
  name: 'storageModule'
  scope: newRG
  params: {
    location: location
    storageName: storageName
  }
}
module nsg 'Networking.bicep'= {
name: 'NetworkingModel'
scope: newRG
params: {
 date: date
 location: location
 email: email
 nsgName: nsgNameFile
 publicIPAddress1Name: publicIPAddress1Name
 publicIPAddress2Name: publicIPAddress2Name
 publicIPprefixName: publicIPprefixName
 StaticPublicIP: StaticPublicIP
 SKU: SKU
 natGatewayName: natGatewayName
 vNetNewOrExisting: vNetNewOrExisting
 }
}

module vnet 'Vnet-Subnets.bicep' = {
  name: 'vnetModule'
  scope: newRG
  params: {
   location: location
   natGatewayName: natGatewayName
   nsgName: nsgNameFile
   subnetName: subnetName
   virtualNetworkName: virtualNetworkName
   vNetAddressSpace: vNetAddressSpace
   vNetNewOrExisting: vNetNewOrExisting
   vNetSubnetPrefix: vNetSubnetPrefix
  }
}
module nic 'NIC.bicep' = {
  name: 'nicModule'
  scope: newRG
  params: {
   location: location
   nsgName: nsgNameFile
   NSSMgtNIC: NSSMgtNIC
   NSSSrvcNIC: NSSSrvcNIC
   publicIPAddress1Name: publicIPAddress1Name
   publicIPAddress2Name: publicIPAddress2Name
   subnetName: subnetName
   virtualNetworkName: virtualNetworkName
   virtualNetworkResourceGroup: resourceGroupName
  }
}

错误中的 ID 与我在门户网站上检查时显示的 ID 完全相同,所以我认为这不是 ID 问题

我对二头肌还不熟悉,所以我希望有人能给我指明正确的方向。

谢谢

答案1

通过添加依赖项,它起作用了!

dependsOn: [
    networking 
  ]

尽管 Nat Gateway 已创建,但 vnet 创建在此之前已开始

通过添加依赖项,它会等待 natgw 首先被创建

完整示例:

module vnet 'Vnet-Subnets.bicep' = {
  name: 'vnetModule'
  scope: newRG
  params: {
   location: location
   natGatewayName: natGatewayName
   nsgName: nsgNameFile
   subnetName: subnetName
   virtualNetworkName: virtualNetworkName
   vNetAddressSpace: vNetAddressSpace
   vNetNewOrExisting: vNetNewOrExisting
   vNetSubnetPrefix: vNetSubnetPrefix
  }
  dependsOn: [
    NATGW
  ]

相关内容