'在'PolicyParameter'类型的对象上找不到成员'type'

【问题标题】:'Could not find member 'type' on object of type 'PolicyParameter''在'PolicyParameter'类型的对象上找不到成员'type'
【发布时间】:2020-02-06 10:06:52
【问题描述】:

我很难通过 Azure Pipelines 处理这些策略和部署。现在它期待已定义的type

我使用 Azure 策略部署模板(创建和分配任务都有版本 3) 错误信息:

InvalidRequestContent : 请求内容无效,不能 被反序列化:'在类型的对象上找不到成员'类型' '策略参数'。路径“properties.parameters.envValue.type”,第 9 行, 位置 15。'。

教授

我的参数文件有什么问题?

{
  "envValue": {
    "type": "String",
    "metadata": {
      "displayName": "Tag Value",
      "description": "Deployment Environment of the resource"
    },
    "defaultValue": "Dev",
    "allowedValues": [
      "Dev",
      "Qas",
      "prd"
    ]
  }
}

我的任务:

# Input variables: set these values in the variables section of the release pipeline

#   AssignmentName        - [required] Policy assignment name
#   AssignmentDisplayName - [optional] Policy assignment display name
#   AssignmentDescription - [optional] Policy assignment description
#   PolicyName            - [optional] Name of policy definition to assign
#   PolicySetName         - [optional] Name of policy set definition to assign
#   ResourceGroupName     - [optional] Name of resource group the policy [set] definition will be applied to
#   SubscriptionId        - [optional] Id of subscription the policy [set] definition will be applied to
#   ManagementGroupName   - [optional] Name of management group the policy [set] definition will be applied to
#  PolicyParameters      - [optional] Policy parameter values in JSON string format

# Notes:
#   Refer to https://docs.microsoft.com/en-us/azure/azure-policy/ for documentation on the Powershell cmdlets and the JSON input formats

$assignmentName = "$(AssignmentName)"
$assignmentDisplayName = "$(AssignmentDisplayName)"
$assignmentDescription = "$(AssignmentDescription)"
$policyName = "$(PolicyName)"
$policySetName = "$(PolicySetName)"
$resourceGroupName = "$(ResourceGroupName)"
$subscriptionId = "$(SubscriptionId)"
$managementGroupName = "$(managementGroupName)"
$policyParameters = "$(PolicyParameters)"

if (!$assignmentName)
{
    throw "Unable to create policy assignment: required input variable value `$(AssignmentName) was not provided"
}

if (!$policyName -and !$policySetName)
{
    throw "Unable to create policy assignment: neither `$(PolicyName) nor `$(PolicySetName) was provided. One or the other must be provided."
}

if ($policyName -and $policySetName)
{
    throw "Unable to create policy assignment: `$(PolicyName) '$policyName' and `$(PolicySetName) '$policySetName' were both provided. Either may be provided, but not both."
}

if ($subscriptionId -and $managementGroupName)
{
    throw "Unable to create policy assignment: `$(SubscriptionId) '$subscriptionId' and `$(ManagementGroupName) '$managementGroupName' were both provided. Either may be provided, but not both."
}

if ($managementGroupName -and $resourceGroupName)
{
    throw "Unable to create policy assignment: `$(ManagementGroupName) '$managementGroupName' and `$(ResourceGroupName) '$resourceGroupName' were both provided. Either may be provided, but not both."
}

if ($managementGroupName)
{
    $scope = "/providers/Microsoft.Management/managementGroups/$managementGroupName"
    $searchParameters = @{ManagementGroupName=$managementGroupName}
}
else
{
    if (!$subscriptionId)
    {
        $subscription = Get-AzureRmContext | Select-Object -Property Subscription
        $subscriptionId = $subscription.Id
    }

    $scope = "/subscriptions/$subscriptionId"
    $searchParameters = @{SubscriptionId=$subscriptionId}

    if ($resourceGroupName)
    {
        $scope += "/resourceGroups/$resourceGroupName"
    }
}

$cmdletParameters = @{Name=$assignmentName; Scope=$scope}
if ($assignmentDisplayName)
{
    $cmdletParameters += @{DisplayName=$assignmentDisplayName}
}

if ($assignmentDescription)
{
    $cmdletParameters += @{Description=$assignmentDescription}
}

if ($policyName)
{
    $policyDefinition = Get-AzureRmPolicyDefinition @searchParameters | Where-Object { $_.Name -eq $policyName }
    if (!$policyDefinition)
    {
        throw "Unable to create policy assignment: policy definition $policyName does not exist"
    }

    $cmdletParameters += @{PolicyDefinition=$policyDefinition}
}

if ($policySetName)
{
    $policySetDefinition = Get-AzureRmPolicySetDefinition @searchParameters | Where-Object { $_.Name -eq $policySetName }
    if (!$policySetDefinition)
    {
        throw "Unable to create policy assignment: policy set definition $policySetName does not exist"
    }

    $cmdletParameters += @{PolicySetDefinition=$policySetDefinition}
}

if ($policyParameters)
{
    $cmdletParameters += @{PolicyParameter=$policyParameters}
}

&New-AzureRmPolicyAssignment @cmdletParameters

【问题讨论】:

    标签: azure azure-devops azure-policy


    【解决方案1】:

    看起来创建您的策略定义任务已成功,这意味着您的参数和规则应该已经建立。问题出在分配时,这意味着您可能正在将非字符串格式的策略参数发送到管道。

    【讨论】:

    • 那么问题到底出在哪里?在 powershell 中,@cmdletParameters 包含 PolicyDefinition 对象,其中包含诸如 PolicyDefinitionId 和策略路径的对象,-PolicyParameter:azurepolicy.parameters.json 的路径等。
    • 从这个命令中,我看不到你在哪里传递那个 json 文件。您还应该仔细检查管道参数,看看您是否从那里传递了正确的策略参数。
    【解决方案2】:

    有点晚了,但我今天碰到了这个。 您的分配参数文件应如下所示:

    {
 "envValue":{
    "value": "Dev"
  }
}

    您传递的是参数定义,而不是实际参数。遵循与 ARM 模板相同的模式。

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 2021-06-29
      • 2012-06-30
      • 2014-04-27
      • 1970-01-01
      • 2012-03-04
      • 1970-01-01
      • 2013-06-10
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode