使用 Resource Manager 模板和 Azure PowerShell 部署资源Deploy resources with Resource Manager templates and Azure PowerShell

了解如何将 Azure PowerShell 与 资源管理器模板配合使用,以向 Azure 部署资源。Learn how to use Azure PowerShell with Resource Manager templates to deploy your resources to Azure. 有关部署和管理 Azure 解决方案的概念的详细信息,请参阅模板部署概述For more information about the concepts of deploying and managing your Azure solutions, see template deployment overview.

部署范围Deployment scope

可将部署目标设定为 Azure 订阅或订阅中的资源组。You can target your deployment to either an Azure subscription or a resource group within a subscription. 大多数情况下,我们会将以资源组指定为部署目标。In most cases, you'll target deployment to a resource group. 可以使用订阅部署在整个订阅中应用策略和角色分配。Use subscription deployments to apply policies and role assignments across the subscription. 还可以使用订阅部署创建资源组并向其部署资源。You also use subscription deployments to create a resource group and deploy resources to it. 你将根据部署范围使用不同的命令。Depending on the scope of the deployment, you use different commands.

若要部署到资源组,请使用 New-AzResourceGroupDeploymentTo deploy to a resource group, use New-AzResourceGroupDeployment:

New-AzResourceGroupDeployment -ResourceGroupName <resource-group-name> -TemplateFile <path-to-template>

若要部署到订阅,请使用 New-AzDeploymentTo deploy to a subscription, use New-AzDeployment:

New-AzDeployment -Location <location> -TemplateFile <path-to-template>

有关订阅级部署的详细信息,请参阅在订阅级别创建资源组和资源For more information about subscription level deployments, see Create resource groups and resources at the subscription level.

目前,仅通过 REST API 支持管理组部署。Currently, management group deployments are only supported through the REST API. 有关管理组级部署的详细信息,请参阅在管理组级别创建资源For more information about management group level deployments, see Create resources at the management group level.

本文中的示例使用资源组部署。The examples in this article use resource group deployments.


你需要使用模板进行部署。You need a template to deploy. 如果还没有模板,请从 Azure 快速入门模板存储库下载并保存一个示例模板If you don't already have one, download and save an example template from the Azure Quickstart templates repo. 本文中使用的本地文件名称为 c:\MyTemplates\azuredeploy.jsonThe local file name used in this article is c:\MyTemplates\azuredeploy.json.

需安装 Azure PowerShell 并连接到 Azure:You need to install Azure PowerShell and connect to Azure:

部署本地模板Deploy local template

以下示例将创建一个资源组,并从本地计算机部署模板。The following example creates a resource group, and deploys a template from your local machine. 资源组名称只能包含字母数字字符、句点、下划线、连字符和括号。The name of the resource group can only include alphanumeric characters, periods, underscores, hyphens, and parenthesis. 它最多可以包含 90 个字符。It can be up to 90 characters. 它不能以句点结尾。It can't end in a period.

Connect-AZAccount -Environment AzureChinaCloud
$resourceGroupName = Read-Host -Prompt "Enter the Resource Group name"
$location = Read-Host -Prompt "Enter the location (i.e. chinaeast)"

New-AzResourceGroup -Name $resourceGroupName -Location $location
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName `
  -TemplateFile c:\MyTemplates\azuredeploy.json

部署可能需要几分钟才能完成。The deployment can take a few minutes to complete.

部署远程模板Deploy remote template

你可能更愿意将 Resource Manager 模板存储在外部位置,而不是存储在本地计算机上。Instead of storing Resource Manager templates on your local machine, you may prefer to store them in an external location. 可以将模板存储在源控件存储库(例如 GitHub)中。You can store templates in a source control repository (such as GitHub). 另外,还可以将其存储在 Azure 存储帐户中,以便在组织中共享访问。Or, you can store them in an Azure storage account for shared access in your organization.

若要部署外部模板,请使用 TemplateUri 参数。To deploy an external template, use the TemplateUri parameter. 使用示例中的 URI 从 GitHub 部署示例模板。Use the URI in the example to deploy the sample template from GitHub.

$resourceGroupName = Read-Host -Prompt "Enter the Resource Group name"
$location = Read-Host -Prompt "Enter the location (i.e. chinaeast)"

New-AzResourceGroup -Name $resourceGroupName -Location $location
New-AzResourceGroupDeployment -ResourceGroupName $resourceGroupName `
  -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-storage-account-create/azuredeploy.json

前面的示例要求模板的 URI 可公开访问,它适用于大多数情况,因为模板应该不会包含敏感数据。The preceding example requires a publicly accessible URI for the template, which works for most scenarios because your template shouldn't include sensitive data. 如果需要指定敏感数据(如管理员密码),请以安全参数的形式传递该值。If you need to specify sensitive data (like an admin password), pass that value as a secure parameter. 但是,如果不希望模板可公开访问,可以通过将其存储在专用存储容器中来保护它。However, if you don't want your template to be publicly accessible, you can protect it by storing it in a private storage container. 若要了解如何部署需要共享访问签名 (SAS) 令牌的模板,请参阅部署具有 SAS 令牌的专用模板For information about deploying a template that requires a shared access signature (SAS) token, see Deploy private template with SAS token. 若要完成教程,请参阅教程:在资源管理器模板部署中集成 Azure Key VaultTo go through a tutorial, see Tutorial: Integrate Azure Key Vault in Resource Manager Template deployment.

粘贴参数值Pass parameter values

若要传递参数值,可以使用内联参数或参数文件。To pass parameter values, you can use either inline parameters or a parameter file.

内联参数。Inline parameters

若要传递内联参数,请使用 New-AzResourceGroupDeployment 命令提供参数的名称。To pass inline parameters, provide the names of the parameter with the New-AzResourceGroupDeployment command. 例如,若要将字符串和数组传递给模板,请使用:For example, to pass a string and array to a template, use:

$arrayParam = "value1", "value2"
New-AzResourceGroupDeployment -ResourceGroupName testgroup `
  -TemplateFile c:\MyTemplates\demotemplate.json `
  -exampleString "inline string" `
  -exampleArray $arrayParam

还可以获取文件的内容并将该内容作为内联参数提供。You can also get the contents of file and provide that content as an inline parameter.

$arrayParam = "value1", "value2"
New-AzResourceGroupDeployment -ResourceGroupName testgroup `
  -TemplateFile c:\MyTemplates\demotemplate.json `
  -exampleString $(Get-Content -Path c:\MyTemplates\stringcontent.txt -Raw) `
  -exampleArray $arrayParam

当需要提供配置值时,从文件中获取参数值非常有用。Getting a parameter value from a file is helpful when you need to provide configuration values. 例如,可以为 Linux 虚拟机提供 cloud-init 值For example, you can provide cloud-init values for a Linux virtual machine.

如果需要传入对象数组,请在 PowerShell 中创建哈希表并将其添加到数组中。If you need to pass in an array of objects, create hash tables in PowerShell and add them to an array. 在部署过程中将该数组作为参数传递。Pass that array as a parameter during deployment.

$hash1 = @{ Name = "firstSubnet"; AddressPrefix = ""}
$hash2 = @{ Name = "secondSubnet"; AddressPrefix = ""}
$subnetArray = $hash1, $hash2
New-AzResourceGroupDeployment -ResourceGroupName testgroup `
  -TemplateFile c:\MyTemplates\demotemplate.json `
  -exampleArray $subnetArray

参数文件Parameter files

你可能会发现,与在脚本中以内联值的形式传递参数相比,使用包含参数值的 JSON 文件更为容易。Rather than passing parameters as inline values in your script, you may find it easier to use a JSON file that contains the parameter values. 参数文件可以是本地文件,也可以是具有可访问 URI 的外部文件。The parameter file can be a local file or an external file with an accessible URI.

有关参数文件的详细信息,请参阅创建资源管理器参数文件For more information about the parameter file, see Create Resource Manager parameter file.

若要传递本地参数文件,请使用 TemplateParameterFile 参数:To pass a local parameter file, use the TemplateParameterFile parameter:

New-AzResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup `
  -TemplateFile c:\MyTemplates\azuredeploy.json `
  -TemplateParameterFile c:\MyTemplates\storage.parameters.json

若要传递外部参数文件,请使用 TemplateParameterUri 参数:To pass an external parameter file, use the TemplateParameterUri parameter:

New-AzResourceGroupDeployment -Name ExampleDeployment -ResourceGroupName ExampleResourceGroup `
  -TemplateUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-storage-account-create/azuredeploy.json `
  -TemplateParameterUri https://raw.githubusercontent.com/Azure/azure-quickstart-templates/master/101-storage-account-create/azuredeploy.parameters.json

测试模板部署Test template deployments

若要测试模板和参数值而不实际部署任何资源,请使用 Test-AzResourceGroupDeploymentTo test your template and parameter values without actually deploying any resources, use Test-AzResourceGroupDeployment.

Test-AzResourceGroupDeployment -ResourceGroupName ExampleResourceGroup `
  -TemplateFile c:\MyTemplates\azuredeploy.json -storageAccountType Standard_GRS

如果没有检测到错误,该命令在没有响应的情况下完成。If no errors are detected, the command finishes without a response. 如果检测到错误,则该命令将返回一条错误消息。If an error is detected, the command returns an error message. 例如,如果为存储帐户 SKU 传递不正确的值,将返回以下错误:For example, passing an incorrect value for the storage account SKU, returns the following error:

Test-AzResourceGroupDeployment -ResourceGroupName testgroup `
  -TemplateFile c:\MyTemplates\azuredeploy.json -storageAccountType badSku

Code    : InvalidTemplate
Message : Deployment template validation failed: 'The provided value 'badSku' for the template parameter 'storageAccountType'
          at line '15' and column '24' is not valid. The parameter value is not part of the allowed value(s):
Details :

如果模板有语法错误,该命令将返回一个错误,指示它无法分析该模板。If your template has a syntax error, the command returns an error indicating it couldn't parse the template. 该消息会指出分析错误的行号和位置。The message indicates the line number and position of the parsing error.

Test-AzResourceGroupDeployment : After parsing a value an unexpected character was encountered: 
  ". Path 'variables', line 31, position 3.

后续步骤Next steps