了解如何使用 Bicep 通过 Azure Cache for Redis 部署缓存。 部署缓存后,将其与现有存储帐户一起使用以保留诊断数据。 了解如何定义要部署的资源以及如何定义执行部署时指定的参数。 可以将此 Bicep 文件用于自己的部署,或对其进行自定义以满足要求。
Bicep 是一种特定于域的语言 (DSL),使用声明性语法来部署 Azure 资源。 它提供简明的语法、可靠的类型安全性以及对代码重用的支持。 Bicep 会针对你的 Azure 基础结构即代码解决方案提供最佳创作体验。
- Azure 订阅:如果没有 Azure 订阅,可在开始前创建一个试用帐户。
- 存储帐户:若要创建帐户,请参阅创建 Azure 存储帐户。 存储帐户用于诊断数据。 在名为“exampleRG”的新资源组中创建存储帐户。
本快速入门中使用的 Bicep 文件来自 Azure 快速入门模板。
@description('Specify the name of the Azure Redis Cache to create.')
param redisCacheName string = 'redisCache-${uniqueString(resourceGroup().id)}'
@description('Location of all resources')
param location string = resourceGroup().location
@description('Specify the pricing tier of the new Azure Redis Cache.')
@allowed([
'Basic'
'Standard'
'Premium'
])
param redisCacheSKU string = 'Standard'
@description('Specify the family for the sku. C = Basic/Standard, P = Premium.')
@allowed([
'C'
'P'
])
param redisCacheFamily string = 'C'
@description('Specify the size of the new Azure Redis Cache instance. Valid values: for C (Basic/Standard) family (0, 1, 2, 3, 4, 5, 6), for P (Premium) family (1, 2, 3, 4, 5)')
@allowed([
0
1
2
3
4
5
6
])
param redisCacheCapacity int = 1
@description('Specify name of Built-In access policy to use as assignment.')
@allowed([
'Data Owner'
'Data Contributor'
'Data Reader'
])
param builtInAccessPolicyName string = 'Data Reader'
@description('Specify name of custom access policy to create.')
param builtInAccessPolicyAssignmentName string = 'builtInAccessPolicyAssignment-${uniqueString(resourceGroup().id)}'
@description('Specify the valid objectId(usually it is a GUID) of the Microsoft Entra Service Principal or Managed Identity or User Principal to which the built-in access policy would be assigned.')
param builtInAccessPolicyAssignmentObjectId string = newGuid()
@description('Specify human readable name of principal Id of the Microsoft Entra Application name or Managed Identity name used for built-in policy assignment.')
param builtInAccessPolicyAssignmentObjectAlias string = 'builtInAccessPolicyApplication-${uniqueString(resourceGroup().id)}'
@description('Specify name of custom access policy to create.')
param customAccessPolicyName string = 'customAccessPolicy-${uniqueString(resourceGroup().id)}'
@description('Specify the valid permissions for the customer access policy to create. For details refer to https://aka.ms/redis/ConfigureAccessPolicyPermissions')
param customAccessPolicyPermissions string = '+@connection +get +hget allkeys'
@description('Specify name of custom access policy to create.')
param customAccessPolicyAssignmentName string = 'customAccessPolicyAssignment-${uniqueString(resourceGroup().id)}'
@description('Specify the valid objectId(usually it is a GUID) of the Microsoft Entra Service Principal or Managed Identity or User Principal to which the custom access policy would be assigned.')
param customAccessPolicyAssignmentObjectId string = newGuid()
@description('Specify human readable name of principal Id of the Microsoft Entra Application name or Managed Identity name used for custom policy assignment.')
param customAccessPolicyAssignmentObjectAlias string = 'customAccessPolicyApplication-${uniqueString(resourceGroup().id)}'
resource redisCache 'Microsoft.Cache/redis@2023-08-01' = {
name: redisCacheName
location: location
properties: {
enableNonSslPort: false
minimumTlsVersion: '1.2'
sku: {
capacity: redisCacheCapacity
family: redisCacheFamily
name: redisCacheSKU
}
redisConfiguration: {
'aad-enabled': 'true'
}
}
}
resource redisCacheBuiltInAccessPolicyAssignment 'Microsoft.Cache/redis/accessPolicyAssignments@2023-08-01' = {
name: builtInAccessPolicyAssignmentName
parent: redisCache
properties: {
accessPolicyName: builtInAccessPolicyName
objectId: builtInAccessPolicyAssignmentObjectId
objectIdAlias: builtInAccessPolicyAssignmentObjectAlias
}
}
resource redisCacheCustomAccessPolicy 'Microsoft.Cache/redis/accessPolicies@2023-08-01' = {
name: customAccessPolicyName
parent: redisCache
properties: {
permissions: customAccessPolicyPermissions
}
dependsOn: [
redisCacheBuiltInAccessPolicyAssignment
]
}
resource redisCacheCustomAccessPolicyAssignment 'Microsoft.Cache/redis/accessPolicyAssignments@2023-08-01' = {
name: customAccessPolicyAssignmentName
parent: redisCache
properties: {
accessPolicyName: customAccessPolicyName
objectId: customAccessPolicyAssignmentObjectId
objectIdAlias: customAccessPolicyAssignmentObjectAlias
}
dependsOn: [
redisCacheCustomAccessPolicy
]
}
Bicep 文件中定义了以下资源:
将该 Bicep 文件另存为本地计算机上的 main.bicep。
使用 Azure CLI 或 Azure PowerShell 来部署该 Bicep 文件。
az deployment group create --resource-group exampleRG --template-file main.bicep --parameters existingDiagnosticsStorageAccountName=<storage-name> existingDiagnosticsStorageAccountResourceGroup=<resource-group>备注
将 <storage-name> 替换为在本快速入门开始时创建的存储帐户的名称。 将 <resource-group> 替换为存储帐户所在的资源组的名称。
部署完成后,可看到一条指示部署成功的消息。
使用 Azure 门户、Azure CLI 或 Azure PowerShell 列出资源组中已部署的资源。
az resource list --resource-group exampleRG
如果不再需要资源组,可以将其删除,这将删除资源组中的资源。
az group delete --name exampleRG
本教程介绍了如何使用 Bicep 通过 Azure Cache for Redis 部署缓存。 若要详细了解 Azure Cache for Redis 和 Bicep,请参阅以下文章:
- 详细了解 Azure Cache for Redis。
- 详细了解 Bicep。