【发布时间】:2021-11-07 10:02:36
【问题描述】:
我正在按照下面的练习链接在 Microsoft Azure 上执行本练习中提到的步骤:
Azure Developer League: Secure Azure Kubernetes Cluster
我被下面的代码卡住了。
当我在天蓝色云外壳(沙箱)中运行此代码时,如该课程中给出的步骤所述:
export DATABASE_NAME=contoso-ship-manager-$RANDOM && \
az cosmosdb create \
-n $DATABASE_NAME \
-g $RESOURCE_GROUP \
--kind MongoDB \
--enable-free-tier
或者这个代码:
export DATABASE_NAME=contoso-ship-manager-$RANDOM && az cosmosdb create --name $DATABASE_NAME --resource-group $RESOURCE_GROUP --subscription "Concierge Subscription"
每当我运行上述任何代码时,都会收到此错误:
(RequestDisallowedByPolicy) 资源“contoso-ship-manager-17984”是 政策不允许。策略标识符: '[{"policyAssignment":{"name":"containers-assignment","id":"/providers/Microsoft.Management/managementGroups/eab64c3d-95b6-9f1f-755f-9f8578c31e45/providers/Microsoft.Authorization/policyAssignments/容器分配"},"policyDefinition":{"name":"允许 资源 types","id":"/providers/Microsoft.Authorization/policyDefinitions/a08ec900-254a-4555-9bf5-e42af04b5c5c"},"policySetDefinition":{"name":"containers-initiative","id":"/ providers/Microsoft.Management/managementGroups/learn-sandbox-prod/providers/Microsoft.Authorization/policySetDefinitions/containers-initiative"}}]'。 附加信息:类型:PolicyViolation 信息:{ "policyDefinitionDisplayName": "允许的资源类型", "policySetDefinitionDisplayName": "容器倡议", “评估细节”:{ “评估表达式”:[ { “结果”:“错误”, "expressionKind": "字段", “表达式”:“类型”, “路径”:“类型”, "expressionValue": "Microsoft.DocumentDB/databaseAccounts", “目标价值”: [ “microsoft.compute/virtualmachinescalesets”, "Microsoft.ContainerInstance/containerGroups", "microsoft.containerregistry/registries", “microsoft.containerregistry/registries/replications”, “microsoft.containerservice/managedclusters”, "microsoft.insights/components", "microsoft.keyvault/vaults", "Microsoft.MachineLearningServices/工作区", "Microsoft.MachineLearningServices/workspaces/datastores", "microsoft.managedidentity/userassignedidentities", "microsoft.network/applicationgateways", "microsoft.network/dnszones", "Microsoft.Network/dnszones/A", "Microsoft.Network/dnszones/AAA", "Microsoft.Network/dnszones/all", "Microsoft.Network/dnszones/CAA", "Microsoft.Network/dnszones/CNAME", "Microsoft.Network/dnszones/MX", "Microsoft.Network/dnszones/NS", "Microsoft.Network/dnszones/PTR", "Microsoft.Network/dnszones/recordsets", "Microsoft.Network/dnszones/SOA", "Microsoft.Network/dnszones/SRV", "Microsoft.Network/dnszones/TXT", "microsoft.network/loadbalancers", "microsoft.network/networksecuritygroups", “microsoft.network/privatednszones”, “microsoft.network/privatednszones/virtualnetworklinks”, “microsoft.network/privateendpoints”, “microsoft.network/publicipaddresses”, “microsoft.network/routetables”, “microsoft.network/virtualnetworks”, "microsoft.operationsmanagement/solutions", "microsoft.operationalinsights/workspaces", "Microsoft.Storage/storageAccounts", "Microsoft.Storage/storageAccounts/blobServices", "Microsoft.Storage/storageAccounts/fileServices", "Microsoft.Storage/storageAccounts/queueServices", "Microsoft.Storage/storageAccounts/tableServices", "Microsoft.Storage/storageAccounts/blobServices/containers", "Microsoft.Storage/storageAccounts/fileServices/shares", “microsoft.web/connections” ], “操作员”:“在” } ] }, "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a08ec900-254a-4555-9bf5-e42af04b5c5c", "policySetDefinitionId": "/providers/Microsoft.Management/managementGroups/learn-sandbox-prod/providers/Microsoft.Authorization/policySetDefinitions/containers-initiative", “policyDefinitionReferenceId”:“允许的资源类型_1”, "policySetDefinitionName": "容器倡议", "policyDefinitionName": "a08ec900-254a-4555-9bf5-e42af04b5c5c", "policyDefinitionEffect": "拒绝", "policyAssignmentId": "/providers/Microsoft.Management/managementGroups/eab64c3d-95b6-9f1f-755f-9f8578c31e45/providers/Microsoft.Authorization/policyAssignments/containers-assignment", "policyAssignmentName": "容器分配", “policyAssignmentScope”:“/providers/Microsoft.Management/managementGroups/eab64c3d-95b6-9f1f-755f-9f8578c31e45” }
我从过去 2 天开始尝试此操作,但总是再次遇到相同的错误。 我能做什么?
请帮帮我。
任何帮助将不胜感激。
【问题讨论】:
标签: azure azure-cosmosdb azure-aks azure-cosmosdb-mongoapi azure-cloud-shell