1. 首页
  2. 问答
  3. 使用ARM模板在Azure SQL数据库上设置透明数据加密

使用ARM模板在Azure SQL数据库上设置透明数据加密

2016-04-08 64 views

回答

3

模板应该看起来像这样。

{ 
    "$schema": "http://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", 
    "contentVersion": "1.0.0.0", 
    "parameters": { 
    "serverName": { 
     "type": "string", 
     "defaultValue": "TDETest2", 
     "metadata": { 
     "description": "The name of the new SQL Server to create." 
     } 
    }, 
    "administratorLogin": { 
     "type": "string", 
     "metadata": { 
     "description": "The admin user of the SQL Server" 
     } 
    }, 
    "administratorLoginPassword": { 
     "type": "securestring", 
     "metadata": { 
     "description": "The password of the admin user of the SQL Server" 
     } 

    }, 
    "databaseName": { 
     "type": "string", 
     "defaultValue": "TDETest2", 
     "metadata": { 
     "description": "The name of the new database to create." 
     } 
    }, 
    "collation": { 
     "type": "string", 
     "defaultValue": "SQL_Latin1_General_CP1_CI_AS", 
     "metadata": { 
     "description": "The database collation for governing the proper use of characters." 
     } 
    }, 
    "edition": { 
     "type": "string", 
     "defaultValue": "Basic", 
     "allowedValues": [ 
     "Basic", 
     "Standard", 
     "Premium" 
     ], 
     "metadata": { 
     "description": "The type of database to create." 
     } 
    }, 
    "maxSizeBytes": { 
     "type": "string", 
     "defaultValue": "1073741824", 
     "metadata": { 
     "description": "The maximum size, in bytes, for the database" 
     } 
    }, 
    "requestedServiceObjectiveName": { 
     "type": "string", 
     "defaultValue": "Basic", 
     "allowedValues": [ 
     "Basic", 
     "S0", 
     "S1", 
     "S2", 
     "P1", 
     "P2", 
     "P3" 
     ], 
     "metadata": { 
     "description": "Describes the performance level for Edition" 
     } 
    } 
    }, 
    "variables": { 
    }, 
    "resources": [ 
    { 
     "name": "[parameters('serverName')]", 
     "type": "Microsoft.Sql/servers", 
     "location": "[resourceGroup().location]", 
     "tags": { 
     "displayName": "SqlServer" 
     }, 
     "apiVersion": "2014-04-01-preview", 
     "properties": { 
     "administratorLogin": "[parameters('administratorLogin')]", 
     "administratorLoginPassword": "[parameters('administratorLoginPassword')]" 
     }, 
     "resources": [ 
     { 
      "name": "[parameters('databaseName')]", 
      "type": "databases", 
      "location": "[resourceGroup().location]", 
      "tags": { 
      "displayName": "Database" 
      }, 
      "apiVersion": "2014-04-01-preview", 
      "dependsOn": [ 
      "[parameters('serverName')]" 
      ], 
      "properties": { 
      "edition": "[parameters('edition')]", 
      "collation": "[parameters('collation')]", 
      "maxSizeBytes": "[parameters('maxSizeBytes')]", 
      "requestedServiceObjectiveName": "[parameters('requestedServiceObjectiveName')]" 
      }, 
      "resources":[ 
      { 
       "name": "current", 
       "type": "transparentDataEncryption", 
       "dependsOn": [ 
       "[parameters('databaseName')]" 
       ], 
       "location": null, 
       "apiVersion": "2014-04-01", 
       "properties": { 
       "status": "Disabled" 
       } 
      } 
      ] 
     }, 
     { 
      "type": "firewallrules", 
      "apiVersion": "2014-04-01-preview", 
      "dependsOn": [ 
      "[parameters('serverName')]" 
      ], 
      "location": "[resourceGroup().location]", 
      "name": "AllowAllWindowsAzureIps", 
      "properties": { 
      "endIpAddress": "0.0.0.0", 
      "startIpAddress": "0.0.0.0" 
      } 
     } 
     ] 
    } 
    ], 
    "outputs": { 
    "sqlSvrFqdn": { 
     "type": "string", 
     "value": "[reference(concat('Microsoft.Sql/servers/', parameters('serverName'))).fullyQualifiedDomainName]" 
    } 
    } 
}

transparentDataEncryption应该是属于SQL数据库的资源。因此我将它置于数据库模板的资源之下。

但是,在测试此模板之后,我收到以下错误消息。

Code : InvalidTemplate 
Message : Deployment template validation failed: 'The template resource 'Microsoft.Sql/servers/TDETest2/databases/TDETest2' cannot reference itself. Please see http://aka.ms/arm-template-expressions/#reference for usage details.'.

这意味着透明数据加密在ARM模板中还不被支持。我发布了一项功能请求。请投票here

感谢@JeffBailey。我发现我在我的模板中犯了一个错误,在transparentDataEncryption的dependsOn中使用serverName而不是databaseName。该模板已更新。

来源

2016-04-11 01:52:22

+0

感谢工作@Jack曾 –

+0

其实,我也得使用你的模板工作。您的transparentDataEncryption应该取决于[参数('databaseName')]而不是serverName。对资源部分没有智能感知/模式支持,但至少可以工作!感谢您的帮助@Jack Zeng –

+0

感谢您的指点。这是使用serverName的错字。我会更新答案。 –

1

您需要添加资源:

 "resources":[ 
     { 
      "name": "current", 
      "type": "transparentDataEncryption", 
      "dependsOn": [ 
      "[parameters('databaseName')]" 
      ], 
      "location": null, 
      "apiVersion": "2014-04-01", 
      "properties": { 
      "status": "Enabled" 
      } 
     } 
     ]

和数据库版本必须是12版:

"resources": [ 
{ 
    "name": "[parameters('serverName')]", 
    "type": "Microsoft.Sql/servers", 
    "location": "[resourceGroup().location]", 
    "tags": { 
    "displayName": "SqlServer" 
    }, 
    "apiVersion": "2014-04-01-preview", 
    "properties": { 
    "administratorLogin": "[parameters('administratorLogin')]", 
    "administratorLoginPassword": "[parameters('administratorLoginPassword')]", 
    "version": "12.0" 
    },

来源

2016-08-05 14:41:45 Peter

相关问题

 相关问题